Security Analyst III – AI Governance & Cloud Risk

About the role

We are looking for a Security Analyst III to support a leading financial institution in Toronto. The role focuses on assessing and governing risk for cloud, generative AI, and other technology projects, ensuring alignment with global information risk standards.

Key responsibilities

• Conduct comprehensive risk assessments for IaaS, PaaS, SaaS and generative AI initiatives.
• Develop and implement AI governance frameworks that align with global risk methodologies.
• Integrate risk frameworks with architecture reviews, project risk management, and Business Continuity & Disaster Recovery processes.
• Prioritize tasks to deliver timely governance assessments and updates.
• Advise project teams on risk impacts, provide stakeholder updates, and ensure peer‑review of risk assessments.
• Support operational security activities such as incident response, vulnerability management, and firewall reviews.
• Deliver training on risk assessment processes and security best practices.
• Respond to audits, regulatory reviews, and risk/control self‑assessments.

Required profile

• Bachelor’s degree in Computer Science, IT, Data Science, Business Administration or related field.
• 5+ years of experience in information risk management, vendor risk, project risk, IT audit or controls assessment.
• Strong knowledge of cloud security across IaaS, PaaS, SaaS environments.
• Familiarity with regulatory frameworks such as NIST, ISO 27001, GDPR, Sarbanes‑Oxley and the EU AI Act.

Required skills

• Cloud security (IaaS, PaaS, SaaS)
• Generative AI risk assessment
• Network, application and identity‑access security
• Vulnerability management and firewall administration
• Incident response processes
• Knowledge of NIST, ISO 27001, GDPR, Sarbanes‑Oxley, EU AI Act

What we offer

• Hybrid work environment
• 6‑month contract with potential extension
• Competitive hourly rate starting at $52 CAD