Our Client is seeking a Cybersecurity GRC & Business Continuity Program Analyst to join their team.
Must be local to Regina, SK; fully on-site requirement.
Role Overview
We are seeking a seasoned Governance, Risk & Compliance (GRC) and Business Continuity (BC) Analyst to join our Enterprise Security team. This role is pivotal in safeguarding both corporate IT infrastructure and Industrial Control Systems (ICS/SCADA). You will be responsible for maturing our security governance framework, managing enterprise risk, and ensuring operational resilience through robust business continuity planning.
Key Responsibilities
Governance & Policy: Develop, maintain, and update security governance frameworks, policies, and standards to align with evolving security trends and regulatory requirements.
Risk Management: Lead comprehensive Threat and Risk Assessments (TRAs) and third-party security risk assessments. Document and manage risk exceptions through the corporate risk register.
Compliance & Audit: Conduct regular security compliance reviews. Act as the primary liaison for internal and external audits, overseeing evidence collection and remediation reporting.
Business Continuity: Design and maintain Business Continuity and Disaster Recovery (BCDR) programs to ensure organizational resilience.
Operational Security: Support change management compliance monitoring and provide security oversight for both IT and ICS/SCADA environments.
Security Culture: Lead cybersecurity awareness, training, and incentive programs to foster a security-conscious culture across the organization.
Qualifications & Requirements
Professional Experience
Security Governance: Minimum 5 years of recent, practical experience in a dedicated security governance role.
Security Operations: Minimum 5 years of experience working within a formal security team.
Business Continuity: Demonstrated experience in developing and maintaining BCDR programs.
Audit & GRC: Proven track record in conducting audits, regulatory compliance monitoring, and utilizing GRC tools/frameworks.
Technical & Professional Skills
Deep understanding of security principles, practices, and emerging threat landscapes.
Experience with Industrial Control Systems (ICS) and SCADA environments.
Proficiency in creating high-quality security documentation, processes, and procedures.
Strong interpersonal skills with the ability to collaborate across IT, SCADA, and Automation teams.
Certifications & Education
Required: Active security certification (e.g., CISSP, CISM, or CISA).
Preferred: Business Continuity certification (e.g., ABCP, CBCP).
Asset: Hands-on technical security experience to complement governance expertise.