Sr. Security Specialist (GRC) (Part-Time)

Back to All Jobs
[social_share]

Our client requires a Senior Security Specialist to support and deliver on multiple initiatives related to Security Governance, Risk and Compliance (GRC) and Cyber Defense Operations. This includes leading multiple initiatives related to security strategy, security audit and compliance requirements and findings, security governance including policies, standards and processes development and security risk management procedures.

Work is remote within the Province of Ontario. The role is Part-Time, working the equivalent of 78 business days for Fiscal Year 2026/2027, and 47 business days in Fiscal Year 2027/2028.

Remote within Ontario

Mandatory Requirements

Mandatory Requirements Include:

  • Public Sector experience is a must have
  • Minimum 8 years of hands-on experience with IPC (very strong) and OAGO audits.
  • Minimum 5 years extensive experience in conducting comprehensive security Threat and Risk Assessment (TRA) using frameworks such as NIST CSF, HTRA, and ISO 27001. Risk Assessment, mitigation recommendations and management with a strong focus on identifying vulnerabilities, analyzing potential impacts, and delivering actionable risk mitigation to stakeholders.
  • Minimum 5 years of extensive experience with Information security governance, developing policies and standards with a strong ability to identify gaps between the current security posture and industry standards, best practices, and regulatory requirements.
  • 5+ years of experience authoring executive-level reports, developing cyber security program and risk registers, and delivering presentations to stakeholders and senior leadership.

Required Skills:

  • An understanding of risk assessment methodologies such as HTRA and CSF, and frameworks such as NIST and ISO 27001/2.
  • Knowledge and experience developing and working with security architecture, and IT management frameworks such as SABSA, and CoBIT.
  • Strong knowledge and demonstrated experience working with compliance and audit frameworks including PHIPA, SOC 2 TII, OAGO audits.
  • Hands on experience with IPC triennial audits
  • Technical writing expertise and demonstrated knowledge and experience in developing Information security policies and standards in alignment with PHIPA, IPC requirements and industry standards.
  • Strong understanding and ability to interpret and communicate risk management concepts.
  • Good experience & knowledge of TRA methodologies and other risk assessment methodologies and tools, and familiarity with related security tests and test methodologies
  • Deep understanding of typical security threats, vulnerabilities and safeguards relevant to IT systems.
  • Experience in writing and presenting subject matter information that is both comprehensive and easy to understand.
  • Excellent communication and reporting abilities to effectively present findings and risk mitigation strategies to both technical teams and executive stakeholders.
  • Experience and working knowledge of risk management lifecycle, processes, and concepts.
  • Strong analytical skills to assess potential impacts and likelihoods of various threat scenarios.
Desirable Requirements
  • 10+ years’ experience in various security domains including third-party risk management, IT audits and/or Security Governance, Risk and Compliance (GRC)
  • Bachelor’s or Master’s degree in Computer Science, Information Technology, Cyber Security, Systems or other related field, or equivalent work experience.
  • Professional certifications in information/cyber security (e.g. CISSP, CCSP, CISA, CISM, CRISC) is required.
  • Knowledge of prevalent industry standards (ISO 27001/27002, NIST, CIS, COBIT)

Job Posting ID: 56952

Location: Remote within Ontario

Estimated Starting Date: Aug 17, 2026

Estimated End Date: till Aug 13, 2027 + pos. extension

Posting Closing Date: July 23, 2026

Back to All Jobs


Apply for this Job Posting

Fill in the form below to submit your application for this position.

  • This field is for validation purposes and should be left unchanged.
  • Accepted file types: doc, pdf, docx, Max. file size: 512 MB.