Cyber Security Risk Analyst - Assurance in Canada Creek, Nova Scotia at Jobgether

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cyber Security Risk Analyst - Assurance in Canada.

This role sits at the intersection of cybersecurity, risk management, and executive reporting, transforming complex technical security findings into clear, decision-ready insights for leadership teams. You will play a key part in strengthening organizational cyber resilience by analyzing threat and risk assessments, penetration test results, and security control gaps. The position involves working closely with governance and assurance stakeholders to ensure risks are properly identified, documented, and tracked. You will apply recognized cybersecurity risk frameworks to structure assessments and support consistent decision-making across the organization. A strong focus is placed on translating technical vulnerabilities into business impact narratives that guide remediation priorities. Operating in a remote and collaborative environment, you will contribute directly to improving risk visibility and governance maturity. The role requires both analytical depth and strong communication skills to influence executive-level understanding of cyber risk.

• Translate complex cybersecurity findings from Threat and Risk Assessments (TRAs) and penetration tests into clear, executive-level risk narratives and actionable insights.
• Apply cybersecurity risk frameworks such as NIST Cybersecurity Framework, NIST SP 800-30, NIST SP 800-53, and HTRA to structure and assess cyber risks consistently.
• Document, track, and maintain cyber risks, treatment plans, and remediation activities within ServiceNow GRC.
• Support cyber risk governance activities, including risk register management and reporting for assurance and leadership stakeholders.
• Produce executive-grade cyber risk reports that highlight exposure, control gaps, and remediation progress.
• Collaborate with security, risk, and technical teams to ensure accurate interpretation of vulnerabilities and alignment on mitigation priorities.

• University degree or college diploma in Computer Science, Information Security, Risk Management, or a related field.
• 5+ years of experience in cybersecurity or technology risk, including at least 3 years producing executive-level cyber risk reporting.
• Strong hands-on experience with cyber risk frameworks such as NIST Cybersecurity Framework, HTRA, and related methodologies.
• Experience working with ServiceNow GRC for risk tracking, documentation, and governance workflows.
• Ability to translate technical vulnerabilities and security findings into business impact, risk language, and remediation guidance.
• Strong understanding of common cyber threats, mitigation strategies, and security control environments.
• Excellent written and verbal communication skills with the ability to influence executive and non-technical stakeholders.
• Secret Security Clearance required or eligibility to obtain it by residing in Canada for at least 5 years.
• Assets include knowledge of ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27005, third-party and cloud risk management, AI-assisted security tools, and familiarity with regulated financial or Canadian federal cybersecurity environments.

• Competitive compensation aligned with experience and security clearance requirements.
• Remote-first role with flexibility in work arrangement.
• Long-term contract opportunity (1.5 years) with potential extension.
• Exposure to high-impact cyber risk governance and executive reporting functions.
• Opportunity to work with advanced cybersecurity frameworks and enterprise GRC tools.
• Professional growth in cyber assurance, risk management, and governance domains.