Information Security Specialist

Information Security Specialist – Risk, Governance & Audit (12-Month Contract)
📍 Toronto, ON (Hybrid)
💲 Up to $80/hr
📅 12-month contract
👤 7+ years experience required
We are seeking a Senior Information Security / Technology Risk Specialist to join a Vulnerability Remediation and Security Governance function focused on enterprise-wide control frameworks, audit readiness, and regulatory compliance.
This is a high-visibility role working across Infrastructure, Engineering, Risk, and Internal Audit teams to strengthen security governance and ensure all technology controls are well-defined, measurable, and audit-ready across a large enterprise environment.
🔎 Role Overview
The successful candidate will play a key role in supporting and enhancing technology risk management, audit compliance, and governance frameworks, with a strong focus on:
Internal audit and regulatory compliance support
Technology risk and control assessments
Security governance and framework development
Control gap identification and remediation planning
Enterprise reporting (KPIs / KRIs) and executive communication
Supporting or contributing to a Centre of Excellence (COE) model
🧠 Key Responsibilities
Lead support for audit and regulatory compliance initiatives
Conduct risk assessments and control evaluations across infrastructure and security environments
Identify, document, and track control gaps, risks, and remediation actions
Support ORM, Internal Audit, and regulatory engagements
Develop and maintain security governance reporting (KPIs / KRIs)
Ensure all evidence and documentation is audit-ready and defensible
Collaborate with Infrastructure and Engineering teams to align security controls
Contribute to governance frameworks and COE operating models
🔑 Must-Have Experience
7+ years in Information Security, IT Risk, or Cyber Governance
Strong experience in audit, ORM, and regulatory compliance
Hands-on exposure to control testing and risk assessments
Experience supporting internal/external audit processes
Strong understanding of technology controls and security frameworks
Experience working in banking or large enterprise environments
Exposure to infrastructure or vulnerability remediation environments
🧰 Tools & Frameworks
GRC platforms
JIRA
Confluence
SharePoint
⭐ Nice to Have
Certifications: CISA, CISM, CRISC, CISSP
Experience building or supporting a Centre of Excellence (COE)
Strong KPI / KRI reporting and governance experience
Background in large-scale regulated financial environments
👤 Ideal Candidate
You are someone who has:
Worked in highly regulated enterprise environments
Led or supported audit remediation or regulatory programs
Strong understanding of technology controls and governance frameworks
Experience producing executive-level risk reporting
Helped mature or build security governance processes or COEs
Send your resume to tinak@corgta.com