This amount is what we reasonably believe we will pay for the position; however, offer amounts may vary based on factors such as geographic location, relevant education, experience, qualifications, skills, shift, or any collective bargaining agreements.

For eligible positions, compensation may include participation in a bonus or sales incentive plan, subject to the terms and conditions of the applicable plan documents. For certain sales roles, EECOL also offers a commission structure that provides additional compensation based on sales results, as defined by the applicable commission plan.

In addition, EECOL offers a benefits program for eligible employees, which may include paid time off, medical, dental, and vision coverage, and retirement savings plans. Additional details about benefits are available here.

Job Summary

We are looking for a Senior Analyst – IT Security with a strong focus on Governance, Risk, and Compliance (GRC) to support our efforts in maintaining ISO 27001 certification and other compliance-related activities. Reporting to the Cybersecurity Manager, the ideal candidate will have a solid understanding of GRC principles, experience in compliance activities, and a proactive approach to assessing and managing information security risks.

What’s in it for You

• Permanent, full-time positions, Monday through Friday.
• Enjoy regular salary reviews and incentive opportunities.
• EECOL is not just a job, but a company where you can learn, develop, and build your career! All training provided.
• A benefits package designed with your total well-being in mind including generous paid time off, comprehensive insurance options for you and your family, generous flex benefits, health & dental plan, life insurance, vision care, education assistance and a retirement savings plan including Pension, RRSP and TFSA opportunities to save for the future!
• Enjoy a wide variety of perks including discounts on travel, vehicles, entertainment, shopping and much more.

Responsibilities:

• Support the development, implementation, and maintenance of EECOL’s Information Security Management System (ISMS) in alignment with ISO 27001 standards.
• Assist in the preparation and coordination of internal and external audits related to ISO 27001 compliance.
• Assist with gap assessment, compliance mapping, and strategic planning for the Canadian Program for Cybersecurity Certification (CPCSC).
• Operational support for risk register and risk management activities.
• Conduct third-party risk assessments and report on findings.
• Conduct solution risk assessments, identifying and evaluating information security risks, and recommending mitigation strategies.
• Act as a Subject Matter Expert for EECOL’s Cybersecurity Policies and Standards.
• Collaborate with cross-functional teams to promote a culture of security awareness and ensure compliance with security policies.
• Assist with the collection and reporting of metrics in support of the cybersecurity program.
• Monitor and ensure compliance with regulatory requirements and industry standards.
• Assist the Cybersecurity Manager with security projects and initiatives as needed.
• Provide support for Security Awareness activities, including company-wide communications, presentations, and phishing campaigns.
• Be customer focused and delivery-oriented to drive change.

Qualifications:

• Excellent verbal and written communication skills with the ability to convey complex technical concepts to non-technical stakeholders.
• Post-secondary degree (preferred), diploma or certificate with a focus in Computer Science, Engineering, or other Computer Technology disciplines.
• Industry-recognized cyber security certifications such as CISSP, CISM, CISA or similar is desired
• Minimum of 7+ years of experience in cybersecurity with a focus on governance, risk, and compliance activities.
• Strong knowledge of security frameworks, standards, and best practices (ISO 27001, NIST, CIS).
• Technical expertise in providing guidance on security control implementation.
• Experience in developing and implementing security policies and procedures.
• Experience with audit and compliance activities.
• Knowledge of international legislation related to Cybersecurity responsibilities.
• Ability to work well under pressure and manage workload in a fast-paced, agile environment.
• Ability to collaborate effectively with various stakeholders and departments to achieve outcomes.
• Ability to manage own time, priorities and work independently or within a team environment

LI-NS1