Senior Risk/Compliance Specialist

August 8, 2025

Job Description

  • Contractor
  • Anywhere

Senior Risk/Compliance Specialist (Contract – 6 Months)
📍 Location: 277 Front Street West, Toronto, ON (Hybrid)

📄 Job Type: Contract (6 Months)

We are seeking an experienced Senior Risk/Compliance Specialist to join our Cybersecurity & Risk Management team. This is a high-impact, contract role where you will lead critical risk assessments, shape cybersecurity governance, and collaborate across diverse teams to ensure our systems are secure, compliant, and forward-looking.

If you’re a proactive cybersecurity professional with a solid background in GRC, third-party risk, and compliance frameworks, we’d love to hear from you.
✅ What You’ll Do
  • Lead security and vendor risk assessments, identifying gaps and developing mitigation strategies.
  • Conduct detailed third-party security evaluations and communicate findings to stakeholders.
  • Develop and implement cybersecurity governance frameworks, policies, and procedures.
  • Support audits and regulatory compliance efforts with precise documentation and analysis.
  • Collaborate with internal stakeholders, vendors, and cross-functional teams on cybersecurity requirements.
  • Recommend and implement security controls to address identified project-based risks.
  • Participate in the development and maintenance of security standards, processes, and procedures.
  • Drive ongoing compliance with regulatory requirements and Metrolinx security standards.
🧠 What You Bring
  • 7+ years of experience in information security, including working on large security projects.
  • Expertise in governance, risk management, compliance (GRC), and third-party/vendor security evaluations.
  • Experience working with frameworks such as PCI-DSS, ISO 27001, NIST.
  • Proficient with tools like ServiceNow, OneTrust, AuditBoard.
  • Strong communication and stakeholder engagement skills.
  • Experience supporting audits and regulatory assessments.
  • Proficiency in Microsoft Office tools: Excel, PowerPoint, Word, Visio, Power BI.
  • Security certifications: CISSP, CISM, CCSP, or CISA.
⭐ Nice to Have
  • Experience with cybersecurity in transit, infrastructure, or regulated sectors.
  • Familiarity with agile development, secure coding, and network security.

📩 For more details or to refer a candidate, please contact me directly or apply via email to tinak@corgta.com.