Information Security Risk Analyst

TL;DR

Information Security Risk Analyst: Supporting the identification, assessment, and management of information security risks with an accent on maintaining risk registers, monitoring remediation actions, and assisting with vendor security risk assessments. Focus on coordinating IT General Controls framework, participating in user access reviews, and supporting compliance activities against security frameworks like SOC 2 and PCI.

Location: Remote (North America only)

Compensation: $84,000–$100,000 CAD

Company

hirify.global is a leading technology company that empowers marketers to reach, engage, and convert audiences with precision using its AI-powered marketing platform.

What you will do

• Support identification, assessment, and management of information security risks, including maintaining risk registers and monitoring remediation.
• Assist with vendor security risk assessments during onboarding and ongoing reviews.
• Contribute to customer security assurance activities by completing security questionnaires.
• Help coordinate hirify.global’s centralized IT General Controls framework for security, compliance, and governance.
• Participate in governance of recurring user access reviews (UARs) and segregation of duties (SoD) assessments.
• Assist with compliance activities against security frameworks and standards (e.g., SOC 2, PCI).

Requirements

• Interest in information security governance, risk, and compliance (GRC).
• Understanding of information security and risk management concepts.
• Awareness of security frameworks or standards (e.g., ISO 27001, NIST, SOC 2) and/or IT compliance frameworks (e.g., Sarbanes–Oxley (SOX)).
• Strong attention to detail and ability to work with documentation and evidence.
• Ability to work collaboratively with technical and non-technical stakeholders.
• Must be located anywhere in North America.

Nice to have

• 1 to 3 years of experience in a related field.
• Bachelor’s degree (or higher) in cyber security, information technology, risk management, law, or business.
• Experience supporting risk assessments, audits, or control testing activities.
• Experience in designing, implementing, and/or managing application user access reviews and segregation of duties reviews.

Culture & Benefits

• Highly competitive salary and competitive Paid Time Off packages including birthdays off.
• Access to a comprehensive mental health care program and health benefits from day one.
• Work from home reimbursements and optional global WeWork membership.
• Robust training, onboarding program, and coverage for personal development initiatives.
• Awesome parental leave program and a friendly, welcoming, and supportive culture.