CrawlJobs Logo
Randstad Logo Randstad · IT - Administration

Senior Security Specialist - Threat Risk Assessment

Canada, Toronto · Job Posted May 04, 2026
Apply Position
Job Link Share

Job Description

Do you have knowledge and experience with the security & IT policies/standards of the Ontario government (e.g. Standards, Policies, Directives)? Do you have the ability to handle and secure sensitive information, detailing the due-diligence around storage/modification of received documents, records retention policies, identity management, and other controls in-place used to protect OPS information? If so, this would be a great opportunity for you! Our client is looking for a Senior Security Specialist - Threat Risk Assessment for a 12 month contract in Toronto. This is an onsite role. Rate:$615.1 - $649.64

Job Responsibility

  • Assesses internal and external threats and vulnerabilities of information systems and resources and the likelihood of these threats and resulting impacts. Where possible, reduce risks through system or organizational design
  • Implement security measures to prevent or mitigate, detect and respond to security threats and vulnerabilities to information systems and resources at the program and enterprise levels. Periodically review security measures to ascertain that the security measures are still sufficient and continue to operate as expected. Such reviews must also be performed whenever security incidents occur or business processes change
  • Defines, evaluates, and assesses security architecture requirements for systems environments and IT projects
  • Ensures the incorporation of IT security and contingency measures in the development of systems
  • Advises on the identification, analysis, and resolution of specific security factors, risks, vulnerabilities
  • protection of personal privacy issues
  • and appropriate industry and international security standards
  • Carry out information and information technology (I&IT) security projects and tasks in the Ontario Service as assigned by Corporate Security or cluster I&IT management

Requirements

  • Knowledge and experience with the security & IT policies/standards of the Ontario government (e.g. Standards, Policies, Directives)
  • Experience with operational optimization in a unionized Public Sector environment
  • Knowledge of Public Sector structure and policies, including: Relevant public policy objectives, principles, and constraints
  • Organizational culture/unionized Public Sector environment
  • Application of relevant legislation and policies (e.g., Conflict of Interest, Freedom of Information and Protection of Privacy Act (FIPPA), etc.)
  • Ability to handle and secure sensitive information, detailing the due-diligence around storage/modification of received documents, records retention policies, identity management, and other controls in-place used to protect OPS information

Nice to have

Prior OPS or Public sector experience

What we offer

Potential for extension

Randstad - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Security Specialist - Threat Risk Assessment

8 matching positions

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in sa...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent professional experience)
  • Minimum 7 years of experience in information security, IT risk management, or cybersecurity compliance, preferably in a federal or state agency environment
  • Demonstrated experience applying and interpreting NIST 800-53, OWASP, and DISA STIGs in real-world projects
  • Strong hands-on technical background in networking, system administration, or software development
  • Proficiency with SIEM tools—especially Splunk—for event correlation, alerting, and compliance reporting
  • Familiarity with Agile development environments and DevSecOps principles
  • Strong written and verbal communication skills, with the ability to create reports and briefings for technical and non-technical stakeholders
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical controls throughout the system development lifecycle (SDLC)
  • Identify and assess emerging security risks, weaknesses, and vulnerabilities associated with infrastructure, applications, and operations
  • Collaborate with developers and engineers to ensure identified risks are mitigated and documented effectively
  • Ensure compliance with federal and industry security standards including NIST SP 800-53, OWASP Top 10, Common Criteria, DISA STIGs, and SANS Institute recommendations
  • Support and contribute to Authorization to Operate (ATO) packages, including preparation of SSPs, POA&Ms, and continuous monitoring (ConMon) artifacts
  • Advise on policy alignment and security architecture improvements to support secure Agile delivery
  • Apply technical knowledge of networking, system administration, and development to assess the security posture of enterprise environments
  • Utilize Splunk to perform audit log analysis, generate system alerts, and support threat hunting and incident response activities
  • Recommend and implement automated logging, monitoring, and security reporting processes
  • Engage proactively with Agile development teams, product owners, and ISSOs to embed security into project planning and delivery
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right
New

Senior Business Information Security Specialist

The InfoSec team at JET is scaling its security partnership and vendor assurance...
Location
Location
United Kingdom
Salary
Salary:
Not provided
justeattakeaway.com Logo
Just Eat Takeaway.com
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated ability to execute security risk assessments and vendor reviews end-to-end, including evidence collection, gap analysis, and documented findings
  • Working knowledge of security frameworks such as NIST CSF, ISO 27001, or CIS Controls applied in a product or engineering context
  • Ability to communicate security risk clearly to both technical and non-technical audiences, without defaulting to jargon or compliance-speak
  • Familiarity with GRC concepts including risk management, controls design, and third-party assurance, gained through hands-on practice rather than solely policy work
  • Comfort working across multiple teams and geographies in a fast-moving environment, managing competing priorities without losing accuracy or rigour
Job Responsibility
Job Responsibility
  • Execute vendor security assessments by collecting, analysing, and documenting supplier control evidence, audit reports, and risk findings against defined frameworks including ISO 27001 and NIST CSF
  • Identify and document third-party security risks, recommending proportionate risk treatment options aligned to JET's risk appetite
  • Support threat modelling, secure design reviews, risk remediation recommendations and early-stage risk assessments alongside engineering teams as part of the secure development lifecycle
  • Translate security findings into clear, business-aligned risk language for product and stakeholders, reducing reliance on technical jargon
  • Maintain accurate risk registers, vendor assessment records, and reporting inputs that feed into executive-level risk dashboards
  • Build working relationships with business and technology teams across multiple markets, acting as a visible and trusted point of contact for security guidance
  • Fulltime
Read More
Arrow Right

Senior Data Scientist

We are seeking a Senior Data Scientist to join our Security Analytics team, lead...
Location
Location
Philippines , Makati City
Salary
Salary:
Not provided
avaloq.com Logo
Avaloq
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Lead and coordinate the Security Analytics team, including project planning, prioritization, and resource allocation
  • Perform data analysis and statistical modeling to uncover risks, anomalous patterns, and emerging threats
  • Apply machine learning and AI techniques (e.g., anomaly detection, clustering, risk scoring) to enhance threat detection and security insights
  • Develop dashboards, reports, and metrics for monitoring cloud security, IAM activity, network events, and operational risks
  • Aggregate and integrate data from multiple sources (logs, SIEM, cloud telemetry, vulnerability scans) for analysis
  • Collaborate with Security Engineers and Cloud Specialists to ensure data availability and quality
  • Identify trends, generate insights, and communicate findings to security, risk, and executive stakeholders
  • Mentor and guide team members, establishing best practices in data collection, analysis, and reporting
  • Support security risk assessments and operational metrics tracking for cloud environments
  • Contribute to the automation of analytics workflows for recurring reporting and operational dashboards
Job Responsibility
Job Responsibility
  • Leading the development of data-driven intelligence across cloud and application environments
  • Combining hands-on advanced analytics with team coordination
  • Ensuring the Security Analytics team delivers actionable insights, predictive models, and operational intelligence to strengthen cloud security posture
  • Working at the intersection of data science, cloud security, and risk management
  • Transforming complex telemetry into actionable security insights
What we offer
What we offer
  • Annual bonus
  • Flexible working
  • Instant recognition scheme
  • Access to Udemy for professional and personal learning
  • Fulltime
Read More
Arrow Right

Cloud Cyber Security Solutions Architect

Location
Location
Canada , Ottawa
Salary
Salary:
Not provided
myticas.com Logo
Myticas Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in IT / Cyber Security (cloud environments)
  • 3+ years as a Cloud Security Architect or senior specialist
  • experience in regulated enterprise environments
  • strong experience with cloud security architecture and governance
  • proven ability to assess security posture and define target-state architecture
  • experience with risk assessment, control gaps, and remediation
  • must be eligible for Secret clearance
  • must have required hardware for secure remote access (Windows 11, MFA capability, etc.)
Job Responsibility
Job Responsibility
  • Provide cloud security, cyber security, and technology risk advisory services
  • assess current and target-state cloud security architectures
  • identify security risks, control gaps, and recommend mitigation strategies
  • design and govern cloud security controls (IAM, network security, data protection, monitoring)
  • develop security standards, policies, and reusable architecture artifacts
  • conduct threat modelling for cloud and migration initiatives
  • translate technical risks into business impacts and recommendations
  • support implementation, governance, and compliance activities
  • deliver documentation, reporting, and stakeholder presentations
  • provide SME guidance and knowledge transfer to internal teams
Read More
Arrow Right

AI Security Delivery Lead

Location
Location
United Kingdom , Knutsford; London
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Technical Acumen in AI Security: Strong understanding of core cybersecurity domains including identity, data protection, application, and cloud security, and how they apply to AI/ML systems, including AI-specific threats such as prompt injection, model poisoning, and model theft.
  • Strategic & Analytical Thinking: Ability to translate enterprise security objectives into practical, risk-based delivery guidance
  • assess complex AI solutions, prioritise risks by business impact, and balance innovation with security and compliance.
  • Leadership & Influence: Proven capability to lead specialist teams and influence senior stakeholders across a matrix organisation, clearly articulating AI security risk in business terms and gaining buy-in at CTO/CIO and executive forum level.
Job Responsibility
Job Responsibility
  • Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management.
  • Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.
  • Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework.
  • Management of the implementation, testing and monitoring of security controls across the banks IT systems to ensure the effectiveness of controls and mitigation of risk.
  • Execution of training content and sessions to educate employees, enhance cybersecurity awareness and provide guidance on safe online practices.
  • Management of complex cybersecurity incidents by collaborating with IT teams and response experts to effectively resolve cases through analysis, expertise support and project supervision.
  • Identification of emerging cybersecurity trends, threats, and new technologies to address potential risks by advocating the adoption of new security solutions.
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Director of Physical Security & Compliance

Crusoe is expanding our hyper-scale AI and high-performance computing (HPC) data...
Location
Location
United States , San Francisco
Salary
Salary:
225000.00 - 280000.00 USD / Year
crusoe.ai Logo
Crusoe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in physical security or mission-critical infrastructure
  • Deep knowledge of operating physical security technologies and system design
  • Experience with in a high-availability environment
  • Experience implementing controls for SOC 2, ISO, NIST, and similar frameworks
  • Proven ability to manage multi-site security operations and compliance programs
  • Strong incident management and risk assessment background
  • Experience designing or scaling enterprise security systems across multi-site environments
  • Strong understanding of SOC 2, ISO 27001, NIST, and related frameworks
  • Background managing guard operations, access control, and incident response
  • Ability to lead programs from zero-to-one and influence senior stakeholders
Job Responsibility
Job Responsibility
  • Operationalize the global physical security strategy, and ensure data center alignment with enterprise security standards, and policies
  • Implement the security risk framework within Data Center Facility Operations
  • Translate enterprise security requirements into site-specific designs for new campuses
  • Conduct site-level security risk and threat assessments
  • Establish a scalable security operations model for 50–400 MW hyper-scale facilities
  • Own the operational lifecycle of dedicated physical security systems (ACS, VSS, IDS)
  • Execute site-level operational controls to ensure adherence to compliance programs for SOC 2, ISO 27001/27002, NIST 800-53, and other regulations
  • Maintain operational documentation, logs, and evidence of adherence to established internal controls
  • Maintain year-round audit readiness for physical access to cages, racks, and on-site office rooms
  • Ensure operational availability, resiliency, and scalability of security infrastructure
What we offer
What we offer
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Tuition reimbursement
  • Fulltime
Read More
Arrow Right

Senior Cloud Security Assurance

The Senior Cloud Security Assurance role at NTT DATA involves developing secure ...
Location
Location
Romania , Cluj
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Cybersecurity, or a relevant IT field (Master’s degree preferred)
  • Minimum 5-10 years experience in cybersecurity
  • Experience of at least 2+ years in security architecture, compliance, and cloud security roles
  • Working with frameworks such as ISO 27001, NIS/NIS2, or NIST CSF
  • Deep understanding of cloud security principles including management of GCP and AWS platforms
  • Familiarity with IAM, CASB, SIEM, and container security solutions
  • CISSP or SABSA certifications preferred
  • Cloud-specific certifications preferred (e.g., AWS Security Specialty, Azure Solutions ArchitectA)
  • Proven ability to collaborate across diverse technical teams, influencing senior stakeholders in an advisory capacity
  • Excellent communication and presentation skills for delivering complex technical concepts to non-specialist audiences
Job Responsibility
Job Responsibility
  • Translate business and compliance requirements into practical, well-documented security architecture designs using recognized frameworks (e.g., ISO 27001, NIST, CIS)
  • Develop, document, and maintain consistent secure architectural patterns with an emphasis on cloud security (AWS, GCP)
  • Implement threat-informed design principles, integrating zero trust architectures and defensive depth strategies to address security gaps and enhance resilience
  • Maintain alignment between security policies, enterprise architecture principles, and client expectations
  • Conduct comprehensive risk assessments and threat modeling to evaluate existing or proposed architectures for vulnerabilities
  • Provide actionable mitigation strategies informed by a risk-based approach and evolving threat intelligence data
  • Participate in or support incident response initiatives, aiding in root cause analysis and the development of post-incident recommendations
  • Act as a trusted advisor to clients by engaging in technical discussions to inform strategic security decisions
  • Collaborate cross-functionally with development, operations, and engineering teams to validate that security controls are effectively implemented across the development lifecycle
  • Deliver technical insights in presentations, workshops, and reports tailored to both technical and executive audiences
What we offer
What we offer
  • Smooth integration and a supportive mentor
  • Choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or accredited Coaching School
  • Epic parties or themed events
Read More
Arrow Right

Senior Cloud Security Assurance

NTT DATA is one of the world's largest global security service providers, partne...
Location
Location
Romania , Cluj
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Cybersecurity, or a relevant IT field (Master’s degree preferred)
  • Minimum 5-10 years experience in security architecture, compliance, and cloud security roles, working with frameworks such as ISO 27001, NIS/NIS2, or NIST CSF
  • Deep understanding of cloud security principles including management on AWS, and GCP platforms
  • Familiarity with IAM, CASB, SIEM, and container security solutions
  • CISSP or SABSA certifications required
  • Cloud-specific certifications preferred (e.g., AWS Security Specialty, zure Solutions ArchitectA)
  • Direct experience working in government, military, or intelligence organizations advantageous
  • Must meet UK SC Clearance eligibility guidelines
  • Proven ability to collaborate across diverse technical teams, influencing senior stakeholders in an advisory capacity
  • Excellent communication and presentation skills for delivering complex technical concepts to non-specialist audiences
Job Responsibility
Job Responsibility
  • Translate business and compliance requirements into practical, well-documented security architecture designs using recognized frameworks (e.g., ISO 27001, NIST, CIS)
  • Develop, document, and maintain consistent secure architectural patterns with an emphasis on cloud security (AWS, GCP)
  • Implement threat-informed design principles, integrating zero trust architectures and defensive depth strategies to address security gaps and enhance resilience
  • Maintain alignment between security policies, enterprise architecture principles, and client expectations
  • Conduct comprehensive risk assessments and threat modeling to evaluate existing or proposed architectures for vulnerabilities
  • Provide actionable mitigation strategies informed by a risk-based approach and evolving threat intelligence data
  • Participate in or support incident response initiatives, aiding in root cause analysis and the development of post-incident recommendations
  • Act as a trusted advisor to clients by engaging in technical discussions to inform strategic security decisions
  • Collaborate cross-functionally with development, operations, and engineering teams to validate that security controls are effectively implemented across the development lifecycle
  • Deliver technical insights in presentations, workshops, and reports tailored to both technical and executive audiences
What we offer
What we offer
  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or joining our accredited Coaching School
  • Epic parties or themed events
Read More
Arrow Right