Information Security jobs in Ontario

As the Senior Goverance, Risk and Compliance (GRC) Consultant, you will serve as a trusted advisor to our clients, providing both tactical and strategic recommendations that align with their business goals and compliance obligations. You will lead the design and implementation of tailored cybersecurity programs that support operational resilience, regulatory readiness, and client trust.

This is a high-impact role suited for a professional with deep knowledge of GRC frameworks and exceptional client advisory skills.

To apply please visit our website and apply through online application.

Key Responsibilities

• GRC Advisory & Implementation: Lead clients through the planning, design, configuration, and transition phases of governance, risk, and compliance programs, ensuring alignment with business objectives and risk tolerance.
• Security Control Assessment: Assess technical and procedural security controls to evaluate their maturity, effectiveness, and compliance against industry standards and frameworks such as ISO/IEC 27001, NIST SP 800-53, PCI DSS, COBIT, HIPAA, and NERC CIP.
• Privacy Compliance: Analyze privacy practices and controls for compliance with regulations such as GDPR, FIPPA, PIPEDA, and PIPA. Recommend improvements to ensure privacy assurance and reduce regulatory risk.
• Security Program Development: Design and develop client-specific security governance structures, policies, and processes. Build scalable and sustainable information security programs to support client growth and compliance objectives.
• Risk-Based Recommendations: Provide strategic and tactical security recommendations to help clients optimize budgets while strengthening security posture across operations, systems, and processes.
• Client Engagement & Communication: Build trusted relationships with client stakeholders. Deliver compelling presentations, reports, and strategic roadmaps tailored to executive and technical audiences.
• Internal Process Optimization: Contribute to the development and refinement of Mirai’s GRC service delivery methodologies and best practices.
• Representation & Thought Leadership: Represent Mirai with integrity, professionalism, and subject-matter expertise in both client-facing engagements and the broader industry community.

You Will Have:

• 5+ years of experience in cybersecurity governance, risk, and compliance roles, preferably in a consulting or client-facing capacity.
• ISO/IEC 27001 and ISO 42001 Lead Auditor Certification, as well as CMMC experience
• Not required but would be an asset is experience or certification in PCI DSS, and/or FedRAMP.
• Familiarity with industry-specific compliance challenges across various sectors.
• Strong understanding of privacy laws and regulations including GDPR, PIPEDA, and FIPPA.
• Demonstrated experience developing security policies, risk management strategies, and governance frameworks.
• Ability to perform control assessments and gap analyses with actionable recommendations.
• Excellent verbal and written communication skills, including experience working with senior stakeholders.
• Strong client presence, professionalism, and stakeholder engagement skills.
• Comfortable working independently and remotely, while managing multiple client projects.
• A positive, can-do, customer-focused attitude.
• Proficient with the M365 suite of products.
• Demonstrated ability to communicate effectively with team members from various disciplines, cultures, and backgrounds.
• Bonus: Fluency in additional languages enhances your ability to effectively support our international clientele.

Job Types: Full-time, Part-time

Pay: $115,000.00-$135,000.00 per year

Benefits:

• Dental care
• Employee assistance program
• Flexible schedule
• Life insurance
• Paid time off
• Tuition reimbursement
• Vision care

Experience:

• Cybersecurity: 5 years (required)

Licence/Certification:

• ISO/IEC 27001 Lead Auditor Certification (required)

Work Location: Remote