Jr. Analyst, Security Governance, Risk & Compliance

Build Your Career at Aecon

Aecon is proud to build some of the most impactful infrastructure projects of this generation. From the roads and transit systems that connect our communities, to the communication networks that link us from coast-to-coast, and the water infrastructure that supplies our businesses and homes. Our integral work includes constructing the pipelines that join provinces with the energy that fuels the nation, and the airports and ports that connect us all. Aecon is there, safely and sustainably building the future.

We lead the infrastructure industry with purpose, and our people are at the heart of everything we do. Our business success relies on strong execution and continuous improvement – driven by the diversity , expertise and teamwork of our employees. We are always searching the globe for exceptional candidates to join the Aecon family and be a part of our forward-thinking, innovative, best-in-class organization!

At Aecon We

• Believe in helping you build your career through our Aecon University and Leadership Programs
• Are a leader in sustainable construction. With a strong commitment to operating responsibility by minimizing our impact on the environment and surrounding communities.
• Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being
• Are committed to supporting and investing in inclusive work environments, through initiatives like Equity, Diversity & Inclusion training.

Job Overview

We are seeking a highly motivated Jr Analyst, Security Governance, Risk and Compliance to join our team. The successful candidate will be responsible for assisting in the development, implementation, and management of the company's information security governance, risk, and compliance (GRC) program.

The Junior Security GRC Analyst will work with stakeholders across the organization to ensure that the company's information security policies, procedures, and controls are aligned with regulatory requirements and industry best practices.

Responsibilities

• Assist with performing security risk assessments and following up to ensure that identified security requirements have been implemented prior to go-live
• Assist in the development and implementation of the company's information security GRC program
• Stay current with regulatory requirements and industry best practices related to information security and compliance
• Collaborate with stakeholders across the organization to ensure that information security and compliance requirements are integrated into business processes
• Collect SOC2 reports and other supporting documentation from key vendors to ensure ongoing compliance with organizational security standards
• Assist in responding to audit requests and regulatory inquiries
• Assist in monitoring and reporting on the effectiveness and compliance of the company's information security program
• Conduct compliance checks and related activities to ensure security controls are in place and working effectively
• Assist in maintaining and updating the company's security controls library
• Coordinate quarterly access reviews and ensure appropriate sign-offs
• Assist in conducting risk assessments, vulnerability assessments, and gap analyses to identify security risks and compliance gaps
• Assist in developing policies and procedures related to information security and compliance

Qualifications

• Strong analytical and problem-solving skills
• Bachelor's degree in computer science, information security, or minimum 1 year related work experience
• Ability to work independently and as part of a team
• Understanding of information security and compliance frameworks such as NIST 800 series, ISO 27001/27002, PCI DSS, etc.
• Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) would be an asset
• Excellent communication and interpersonal skills
• Familiarity with risk assessment methodologies and tools

Aecon fosters diversity , inclusion and belonging within and across our organization. We welcome all to apply including, women, visible minorities, Indigenous peoples, persons with disabilities, and persons of any sexual orientation or gender identity.

We are committed to adhering to the objectives and requirements outlined in the Accessible Canada Act (ACA), and to meeting the accessibility needs of persons with disabilities in a timely manner, through the implementation of the requirements of the ACA and its applicable regulations. If you require accommodation under the ACA Act during any step of the application process please click here.