Governance Risk and Compliance Analyst (Future Opportunity)

About Us:

Join the ISA Cybersecurity associate network and become part of a team of cybersecurity experts dedicated to supporting organizations across Canada in addressing some of the most complex cybersecurity challenges. As a valued member of our team, you will have the chance to engage in fascinating projects, collaborate with other cybersecurity professionals, and connect with a network that offers exciting opportunities to support our clients.

At ISA Cybersecurity are proud to be recognized as a top employer for multiple years in a row, we currently hold the distinctions of Canadas Top Small and Medium Employers 2024, Greater Torontos Top Employers 2025 and are Certified Great Place to Work 2024-2025.

Our mission is to help clients achieve their privacy and security goals, and to be proactive in the fight against security threats. ISA is Canadas leading cybersecurity-focused company, with three decades of experience delivering cybersecurity services and people you can trust. We provide our clients with comprehensive counsel on complex, evolving, and multi-faceted issues related to cybersecurity and breach incident response.

ISA Cybersecurity also offers a world-class 24/7 by 365 SOC 2 Type II certified CIOC (cybersecurity intelligence operations center), giving our clients deeper insights and earlier warnings about coordinated cyber-attacks. ISA strategically partners with many of the most respected security technology firms in the world. Through these relationships, our clients can gain access to a broad portfolio of industry-leading cyber solutions best suited to protect their corporate assets and customer data.

In todays volatile world of digital threats, we help Canadian companies to better understand their current security posture and how to mitigate risks.

About the Opportunity:

We are on the lookout for Governance, Risk, and Compliance (GRC) professionals to fill current and future opportunities. You will bring experience in leveraging compliance frameworks, implementing security governance, conducting thorough risk assessments, and will have developed policies to adhere to industry standards such as NIST, ISO 27001, GDPR, and SOC 2. Please note, your application will be considered for future opportunities both full-time and contract, a member of our team may be in touch to discuss your skills and experience.

Responsibilities Could Include:

Assist in developing, implementing, and maintaining GRC policies and procedures aligned with compliance frameworks

Monitor and update security policies, standards, and guidelines to align with evolving security best practices

Conduct compliance assessments and internal audits to ensure adherence to policies and industry standards

Support data protection, retention, and classification

Conduct risk assessments and gap analyses to identify and mitigate risks

Support the tracking and remediation of compliance risks and policy violations

Assist in third-party risk assessments, ensuring vendors and partners meet security and compliance requirements

Monitor security alerts and compliance reports

Work with cross-functional teams to implement security and compliance improvements based on risk findings

Assist in preparing for regulatory audits and internal security reviews

Maintain accurate compliance documentation, including risk registers, audit reports, and corrective action plans

Help develop and deliver GRC awareness training to employees, ensuring a culture of compliance and risk awareness

Support incident response efforts related to regulatory compliance issues and data privacy concerns

Qualifications:

1-3 years of experience in GRC, cybersecurity compliance, or risk management

Knowledge of Microsoft Purview Compliance Manager, Microsoft 365 Security & Compliance Center, and Defender for Cloud will be considered an asset

CISSP, CISM, CISA certifications completed or in progress

Familiarity with ISO 27001, NIST, SOC 2, GDPR, and other security frameworks

Understanding risk management methodologies, compliance audits, and security governance best practices

Strong analytical, documentation, and problem-solving skills

Excellent communication and collaboration skills, with the ability to work across teams

Accessibility:

ISA Cybersecurity is committed to providing accommodations for applicants with disabilities. If you require specific accommodation because of a disability or medical need, please inform ISAs Human Resources team (hr@e-isa.com) so arrangements can be made for appropriate accommodation to be in place during the recruitment process.