
Cybersecurity Risk Analyst

Job in Mississauga, Ontario, Canada
Listing for: Katz Group Canada
Full Time position
Listed on 2026-01-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

What you are looking for:

  • A closely connected culture
  • A total rewards package meant to enhance your work-life flexibility
  • Fully utilizing your talent
  • Professional growth and development via challenging projects and assignments
  • Warm and fuzzy feelings knowing you have helped your community, your team, the business and social causes through the Rexall Care Network

In this new role, reporting to the Manager, Cybersecurity Risk Management and Compliance, the Cybersecurity Risk Analyst supports the Manager in implementing and maintaining the organization’s cybersecurity governance, risk, and compliance (GRC) program. This role is responsible for assisting in the development and enforcement of information security policies, conducting vendor security reviews, managing periodic control assessments, supporting compliance initiatives (such as PCI DSS), coordinating security awareness activities, and helping ensure that cybersecurity risks are identified and managed effectively across the enterprise.

This position requires strong attention to detail, a solid understanding of security and compliance principles, and the ability to collaborate with both business and technical stakeholders.

What you’ll be doing:

  • Support the execution of the organization’s cybersecurity risk management process, including identification, assessment, tracking, and mitigation of security risks.
  • Assist with maintaining compliance with security frameworks and regulatory standards (e.g., PCI DSS, PIPEDA, NIST CSF, ISO 27001, CIS Controls)
  • Collect and organize audit evidence for internal and external audits; follow up on remediation activities for identified findings.
  • Conduct vendor risk assessments (VRA) by reviewing security documentation, questionnaires, and controls, and track remediation actions.
  • Maintain and update the information security and privacy application inventory, ensuring classification and ownership are accurate.
  • Assist in the development, review, and communication of security policies, standards, and procedures.
  • Help ensure policies remain current with regulatory and industry best practices.
  • Track compliance exceptions and coordinate corrective actions
  • Support the organization’s cybersecurity awareness and phishing simulation programs, including tracking participation and metrics
  • Develop and distribute awareness materials, newsletters, or campaigns in collaboration with the Cybersecurity team
  • Conduct quarterly user access reviews, firewall rule reviews, and other periodic control checks
  • Document and track control findings and remediation plans
  • Prepare summary reports for management review
  • Support the security incident response process, including evidence collection, documentation, and post-incident review
  • Participate in annual tabletop exercises and help update response playbooks as needed
  • Assist in preparing security metrics, dashboards, and risk reports for management.
  • Monitor industry developments, threat trends, and emerging regulations to support continuous program improvement
  • Work in a cooperative manner with the IT Organization
  • Perform other duties as assigned to support Rexall Pharmacy Group Ltd.

Knowledge, skills and experience:

  • Bachelor’s degree in Information Security, Information Technology, Computer Science, or a related field.
  • 2–5 years of experience in information security, IT audit, or risk and compliance roles
  • Understanding of common cybersecurity frameworks (NIST, ISO 27001, CIS Controls, PCI DSS)
  • Experience with security risk assessments, vendor risk reviews, or audit evidence collection
  • Strong understanding of IT systems, cloud environments, network security, and data protection fundamentals
  • Proficient in using GRC platforms or tracking spreadsheets for risk/compliance activities
  • Familiarity with security tools and software such as SIEM (Security Information and Event Management) systems, vulnerability scanners, and penetration testing tools.
  • Experience with cloud security and securing virtualized environments.
  • Knowledge of regulatory compliance standards such as PIPEDA or PCI DSS.
  • Previous experience in incident response and handling security breaches.
  • Systems administration experience,…