×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security

Governance Risk and Compliance Security Analyst

Job in Toronto, Ontario, C6A, Canada
Listing for: Scarborough Health Network
Full Time position
Listed on 2026-06-22
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 46876 - 54342 CAD Yearly CAD 46876.00 54342.00 YEAR
Job Description & How to Apply Below
## Governance Risk and Compliance Security Analyst Apply locations:
Centenary Hospital time type:
Full time posted on:
Posted Todayjob requisition :
JR106133

Job Number: JR106133

Job Title:

Governance Risk and Compliance Security Analyst Job Category:
Professional Hospital

Location:

Centenary Site Job Type: Permanent, Full time Number of Positions: 1

Minimum - Maximum Hourly Rate: $46.876 - $54.342

Hours:

Days  Across our three hospitals and eight satellite sites,
** Scarborough Health Network (SHN)
** is shaping the future of care. Our many programs and services are designed around the needs of one of Canada’s most vibrant and diverse communities. We are home to North America’s largest nephrology program, as well as the designated cardiac care and spine centre for Scarborough and surrounding communities to the east. We are proud to be a community-affiliated teaching site for the University of Toronto and partner with a number of other universities and colleges, helping to train the next generation of health care professionals.

SHN is the recipient of the 2021 Excellence in Diversity and Inclusion Award, from the Canadian College of Health Leaders, for our leading edge work on Communities of Inclusion, Inclusion Calendar, Health Equity Certificate Program and much more. We are also proud to be named
** Canada’s Most Admired Corporate Cultures for 2023 – 2025
** and
** Greater Toronto's Top Employers for 2026.
** Learn more at
*
* Job Description:

***
* Position Overview:

** Scarborough Health Network is in the midst of an exciting transformational journey. The Governance, Risk and Compliance (GRC) Analyst is responsible for supporting the information security direction of the organization and elevating the overall security posture to meet the changing needs of the diverse community in alignment with SHN’s strategic plan. This role will be of interest to individuals with strengths in communication, quantitative and qualitative data collection and analysis, stakeholder engagement and strategic development.

The position requires both an understanding of legacy systems in a healthcare organization, as well as new technologies and requirements. This position will have a primary focus on three major areas: (1) Information Security Governance & Compliance (2) Information Security Risk Management and (3) Security Awareness & Training.
As part of SHN’s Information Security team, the ideal candidate will support Scarborough Health Network’s strategic plan where the Information Security program will be a Centre of Excellence, committed to providing high quality comprehensive security requirements and obligations mandated by standards and regulations such as NIST CSF, PHIPA and ISO
27001. The ideal candidate will not only contribute to SHN’s Information security team’s mission to not only secure SHN, but also to contribute to the security of the wider provincial healthcare ecosystem. The candidate might share knowledge through public presentations and industry events, and share insights with the wider community or represent SHN in sector-specific governance bodies.
*
* Key Responsibilities:

**
* * Governance and Compliance:
* Develop and implement data security risk reporting frameworks aligned with NIST Cybersecurity Framework and Ontario Health guidelines for management teams and governance committees. Design and document technical, administrative, and physical controls to ensure compliance with regulatory obligations.
* * Risk Assessments:
* Conduct risk assessments to identify vulnerabilities internally and within vendor or third-party suppliers. Identify, evaluate and monitor information security risks and controls based on established risk criteria and recommend mitigation and remediation guidelines.
*
* Risk Management:

* Analyze and improve SHN’s information security risk management practices. Advise senior leadership on risk management strategies, including risk mitigation, risk reduction, risk transfer, and residual risk analysis. Develop templates and documentation materials to help with self-managed risk management actions.
* * Policy Management:
* Create, maintain, communicate, and enforce information security policies.
* *…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search