Our culture lifts you up; there is no ego in the way. Our common purpose: we all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine connections. Each employee is a part of what makes us unique on the market: agile and dedicated.
Time Type:
Regular
Job Description :
POSITION SUMMARY
The Security Services Analyst will be a key contributor to the organization's Governance, Risk, and Compliance (GRC) function. The GRC Analyst will collaborate with Cybersecurity SMEs and the Risk Management Lead on broader risk assessments and will be responsible for conducting compliance self-assessments, such as those required for PCI DSS or cyber insurance, ultimately contributing to a robust security and compliance posture.
KEY RESPONSIBILITIES
Manage and execute Third-Party Risk Assessments (TPRA), including vendor categorization, security evaluation, evidence review, risk scoring, the development of mitigation recommendations, contract reviews, and ongoing monitoring of vendor risks.
Manage Data Loss Prevention (DLP) alerts, ensuring a thorough follow-up with stakeholders.
Plan and deploy annual training, awareness, and phishing campaigns.
Manage GRC solutions and documentation such as phishing, TPRM, Risk Register, etc.
Periodically review and update security policies, standards, and guidelines.
Process security exception requests, ensuring thorough documentation, appropriate routing, tracking, and timely resolution, and contributing to the development and enforcement of exception policies and standards.
Coordinate the application approval process, ensuring adherence to security policies and standards, providing guidance to stakeholders on security requirements, and identifying and addressing potential risks associated with new applications.
Collaborate with Cybersecurity SMEs and the Lead GRC Analyst to contribute to security risk assessments, including the identification of threats and vulnerabilities, the analysis of potential impact, and the recommendation of appropriate controls.
Collaborate with Governance Lead to conduct compliance self-assessment activities related to frameworks such as PCI DSS, cyber insurance requirements, or other relevant regulations, ensuring accurate and timely completion.
Contribute to the development, implementation, and maintenance of GRC-related documentation, including policies, standards, guidelines, procedures, and risk assessment templates, ensuring they are up-to-date and effectively communicated.
Support Information Security team on projects when required.
ACADEMIC TRAINING
SPECIFIC COMPETENCIES
Solid and demonstrable understanding of information security principles, risk management methodologies, and compliance frameworks.
Experience participating in and contributing to security risk assessments, including identifying and analyzing risks.
Familiarity with and experience in conducting or leading compliance self-assessment activities related to frameworks such as PCI DSS, privacy laws, HIPAA, SOC 2, or others relevant to the organization.
Strong analytical and problem-solving skills with a keen attention to detail.
Fluent in English and French (spoken and written), required to collaborate with stakeholders in Quebec, Ontario, and across the United States.
Excellent written and verbal communication skills, with the ability to effectively communicate risk and compliance concepts to various audiences.
Location :
Montréal, QC
Company :
Cogeco Communications Inc.
At Cogeco, we know that different backgrounds, perspectives, and beliefs can bring critical value to our business. The strength of this diversity enhances our ability to imagine, innovate, and grow as a company. So, we are committed to doing everything in our power to create a more diverse and inclusive world of belonging.
By creating a culture where all our colleagues can bring their best selves to work, we're doing our part to build a more equitable workplace and world. From professional development to personal safety, Cogeco constantly strives to create an environment that welcomes and nurtures all. We make the health and well-being of our colleagues one of our highest priorities, for we know engaged and appreciated employees equate to a better overall experience for our customers.
If you need any accommodations to apply or as part of the recruitment process, please contact us confidentially at
Required Experience:
IC