Security, Risk and Compliance Consultant (Cambridge, ON)

About the job

Note: This role requires you to be onsite 4 days a week in Cambridge, ON.

We are seeking a skilled Information Security Specialist to join our team. This role is critical in ensuring our IT infrastructure’s security, compliance, and operational integrity. The ideal candidate will possess cybersecurity, risk management, and operational support expertise while actively contributing to the organization’s security initiatives and best practices.

Key Responsibilities:

Information Security and Risk Management:

  • Implement and maintain security frameworks (e.g., NIST or others) to safeguard networks, cloud infrastructure, and applications.
  • Identify and address common threats with effective defence mechanisms.
  • Manage endpoint protection, file integrity monitoring, data loss prevention, and runtime protection tools.
  • Investigate and mitigate cybersecurity alerts, incidents, and advisories.
  • Analyze firewall, system, and security device logs to identify and address vulnerabilities.

Operational Support and Compliance:

  • Lead audit activities, including SOX compliance, ATSG, and internal audits.
  • Ensure compliance with organizational security standards and develop/update policies, procedures, and contingency plans.
  • Conduct regular internal audits, producing reports and dashboards to identify non-compliance and potential risks.
  • Manage tools like Qualys, Zscaler, Entuity, Password State, and SSL Certificates.
  • Oversee patch management and Splunk monitoring to ensure systems remain secure.

Technical Expertise:

  • Maintain and optimize security tools such as SIEM, antivirus (e.g., McAfee/Trellix, Windows Defender), and firewalls.
  • Provide expertise in email, endpoint, and network security concepts.
  • Use scanning and monitoring tools to proactively identify vulnerabilities.
  • Apply advanced networking knowledge, including routing, DNS, common ports/protocols, and firewalls.

Leadership and Best Practices:

  • Lead project tasks, weekly change management meetings, and security discussions.
  • Provide guidance and educate teams on industry best practices for security technologies.
  • Stay current on evolving security standards, technologies, and threats, applying this knowledge to improve organizational resilience.

Reporting and Collaboration:

  • Collaborate with internal support teams and external vendors to address and resolve security issues.
  • Develop dashboards and reports using tools like Power BI to communicate risks and compliance metrics effectively.

Key Skill Sets:

Required Expertise:

  • Strong understanding of security frameworks (e.g., NIST) and InfoSec concepts.
  • Proficiency in endpoint security, malware protection, phishing defences, and threat analysis.
  • Hands-on experience with security tools like SIEM, Qualys, Zscaler, antivirus solutions, and firewalls.
  • Knowledge of networking concepts and security tools (e.g., routing, DNS, ports, protocols).

Preferred Skills:

  • Familiarity with tools such as Splunk, ServiceNow, and Power BI.
  • Experience managing SSL Certificates and compliance activities.
  • Understanding of patch management processes and cybersecurity best practices.

Other Attributes:

  • Strong analytical skills to perform root cause analysis and assess vulnerabilities.
  • Ability to work independently and lead cross-functional security initiatives.
  • Excellent communication and interpersonal skills.
