Senior Risk​/Compliance Specialist

We are seeking a Senior Risk/Compliance Specialist to lead and coordinate comprehensive risk assessments across a diverse portfolio of enterprise systems. This role is responsible for interpreting complex policies, legislation, and standards to provide actionable advice for executive management. You will bridge the gap between high-level regulatory requirements and technical implementation, ensuring that security architecture, access controls, and development processes align with established internal control frameworks.

Pay Rate: $56.6 - $62.07/Hr

• Strategic Impact:
  Play a critical role in protecting organizational data and ensuring compliance across high-profile digital transformation initiatives.
• Technical Versatility:
  Work at the intersection of information security, privacy, and modern development methodologies.
• Collaborative Leadership:
  Act as a key advisor to executive leadership, influencing the risk posture of a major enterprise organization.
• Flexible Hybrid Model:
  Maintain a healthy work-life balance with a structured 3-day onsite and 2-day remote schedule.

• Risk Assessment & Management:
  Coordinate and perform risk assessments against a wide variety of inputs. Analyze data from various sources to identify, assess, and prioritize risk remediation.
• Control Design & Mapping:
  Leverage a deep understanding of internal control frameworks to design, map, and scope controls that mitigate identified vulnerabilities.
• Compliance Advisory:
  Interpret requirements from various standards and legislation (e.g., FIPPA, PHIPA, or NIST) and translate them into actionable implementation plans for technical and business teams.
• Technical Oversight:
  Provide expertise in logical access control, secure coding principles, and security architecture to ensure privacy and security are embedded throughout the project lifecycle.
• Agile Integration:
  Advise on risk management within an Agile development process, ensuring that compliance requirements are integrated into sprints without hindering velocity.
• Gap Analysis & Remediation:
  Lead comprehensive gap analyses to identify deficiencies in current state controls and drive the development of remediation strategies to meet future state requirements.
• Stakeholder Communication:
  Deliver exceptional verbal and written communications to convey complex risk findings and solutions to both technical specialists and non-technical executives.

• Expertise in Controls (7+ years):
  Demonstrated experience with internal control frameworks, control mappings, and scoping within large-scale, complex environments.
• Technical Proficiency (7+ years):
  Strong understanding of logical access control, Agile development processes, security architecture, and information/network security.
• Risk & Remediation Mastery (7+ years):
  Proven expertise in conducting gap analyses, risk assessments, and the design/implementation of remediation plans.
• Analytical
  
  Skills:
  
  Ability to interpret requirements from diverse standards and translate them into technical implementation.
• Public Sector
  
  Experience:
  
  (Must Have) Previous experience working within a public sector organization of equivalent size and complexity.
• Education:
  
  University degree in Computer Science, Information Security, Risk Management, or a related field.
• Desirable Tools:
  Experience utilizing GRC (Governance, Risk, Compliance) tools to track and monitor organizational risk profiles.

If you are a Senior Risk/Compliance Specialist with a decade of experience navigating complex control frameworks and a passion for securing Agile environments, we encourage you to apply today!

Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. We are dedicated to increasing equity, diversity and inclusion throughout the recruitment, retention and advancement of all employees. We respect human rights and support accessibility and accommodation needs throughout the employment lifecycle. Please identify any accommodation requirements by emailing