Information Services Co-op, GRC & Contracts
Job in
Toronto, Ontario, M5A, Canada
Listing for:
Aecon
Contract
position
Listed on 2026-02-27
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security, IT Consultant
Job Description & How to Apply Below
What is the Opportunity?
The Information Services Co-op, GRC & Contracts role provides a unique blend of experience across cybersecurity governance, risk, and compliance while gaining hands-on exposure to IT contract management and vendor engagement. In this role, you will help ensure our security policies and controls align with regulatory and industry standards while supporting procurement activities tied to technology solutions and services. Please note this is a 4-month co-op opportunity.
What You’ll Do Here:
Security Governance, Risk & Compliance:
Assist in the development, maintenance, and implementation of the Information Security GRC program.Conduct risk assessments, vulnerability assessments, and gap analyses to identify security risks and compliance gaps.Support the creation, review, and updating of security policies, standards, SOPs, and process documentation.Maintain and update the organization’s security controls library.Perform compliance checks to ensure security controls are implemented and functioning as intended.Assist in collecting evidence for audits, assessments, and certification activities (e.g., SOC 2, ISO, internal audits).Collaborate with stakeholders across Information Services and business units to embed security and compliance requirements into processes and projects.IS Contracts & Vendor Management:
Support the review and processing of IT-related procurement requests, including software renewals, new tools, hardware, SaaS platforms, and professional services.Assist in drafting, reviewing, and organizing contract documentation such as Statements of Work (SOWs), Master Service Agreements (MSAs), and Data Processing Agreements (DPAs).Work with the Procurement team and IS leadership to ensure contracts align with security, legal, and compliance requirements.Coordinate with vendors to gather necessary documentation, clarify contract requirements, and track deliverables.Support RFX processes (RFQs, RFIs, RFPs) by helping prepare documents, consolidate vendor responses, and evaluate submissions.Help maintain vendor records, contract repositories, renewal calendars, and risk assessments in collaboration with IT and Procurement.Assist in monitoring vendor performance and compliance with contractual obligations, including cybersecurity expectations.What You Bring to the Team:
Currently enrolled in a Computer Science, Information Security or equivalent programFamiliarity with risk assessment methodologies and toolsStrong analytical and organizational skills with high attention to detail.Excellent communication skills with the ability to collaborate across teams.Ability to manage multiple tasks, prioritize effectively, and work in a fast-paced environment.Experience with Excel, SharePoint, or document management tools is an asset.Reason for vacancy:
New position
The expected hourly pay for this opportunity is $22.00-$25.00
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
