Senior Cybersecurity Operations Analyst

Senior Cybersecurity Operations Analyst (Level 18) / Principal Cybersecurity Operations Analyst (Level 19), Governance, Risk and Compliance (GRC) Export Development Canada (EDC) invites applications for the Senior Cybersecurity Operations Analyst (Level 18) or Principal Cybersecurity Operations Analyst (Level 19) to strengthen our Governance, Risk and Compliance team in Ottawa, Canada. Our mission is to enable Canadian businesses to expand globally by providing innovative financial solutions and expertise. Application deadline: November 27, 2025 Position: Senior Cybersecurity Operations Analyst (Level 18) / Principal Cybersecurity Operations Analyst (Level 19), Governance, Risk and Compliance (GRC) Employment type: Permanent Compensation:Security Operations 18: $94,664 – $126,219 annually (plus performance‑based incentive).Security Operations 19: $109,810 – $146,413 annually (plus performance‑based incentive). Hybrid work environment: required to work in the office 2 days per week (subject to change). Work location options: EDC headquarters in Ottawa or one of our Community Hubs in Toronto, Mississauga, Montreal, Laval, or Brossard. Relocation assistance is available for eligible candidates. EDC is dedicated to fostering employment equity and building a diverse workforce. We provide a culture of inclusion and belonging where everyone has the opportunity to grow, succeed, and be their truest selves. Team and Job Overview The Digital & Technology Solutions group, established in 2023, delivers secure and reliable digital experiences. As part of this team, you will support cybersecurity governance, risk management, and compliance initiatives to align with industry best practices and regulatory requirements. What You Will Be Doing Develop and maintain cybersecurity governance frameworks, policies, standards, and guidelines. Lead risk assessments, ensure mitigation strategies, and support risk oversight. Manage compliance monitoring, handle exemptions, and enforce policies. Support audits and assessments, preparing documentation and coordinating responses. Collaborate with IT, Legal, and business units to align cybersecurity practices. Maintain awareness of emerging threats, vulnerabilities, and regulatory changes. Provide guidance and training on GRC and risk management topics. Use insights from security operations to inform risk management strategies. Contribute to metrics and reporting for cybersecurity governance. Recommend prioritization and guide the team for efficient execution. Establish policies, standards, and procedures to meet regulatory and industry best practices. Assess, select, and coordinate implementation of GRC technologies and tools. Partner with external channels, service communities, and managed services for enterprise risk integration. Promote control adoption and a customer‑focused culture to strengthen client relationships. Drive continuous process improvements to enhance compliance and service delivery. Coordinate third‑party risk management, review assessments, and monitor vendors. What We Are Looking For Bachelor’s degree in Computer Science, Information Security, or a related field. Minimum of 7 years (for Level 18) or 10 years (for Level 19) in cybersecurity focused on governance, risk, and compliance. Strong knowledge of frameworks such as NIST CSF, NIST 800‑53, ISO 27001/27002/27005, and CMMI. Hands‑on experience with governance, risk assessment methodologies, and compliance audits. Excellent communication skills and stakeholder management. High initiative and ownership. Ability to adapt in a fast‑paced, evolving environment. Collaborative mindset with a problem‑solving attitude. What Will Make You Stand Out Master’s degree in Information Security, cybersecurity, computer science, or a related field. Familiarity with CMMI frameworks and process maturity models. Experience preparing executive‑level presentations, dashboards, KPIs, and strategic insights. Hands‑on experience with GRC applications. Professional certifications such as CISSP, CISM, CRISC, CISA, or equivalent. Bilingual proficiency in English and French. Eligibility EDC requires Canadian citizenship or permanent residency and the ability to meet government security screening requirements. We encourage applications from women, Indigenous peoples, visible minorities, persons with disabilities, and members of the LGBTQI+ community. Submit your application by the closing date to join our growing cybersecurity team and make a lasting impact. Apply today To learn more about EDC, visit our website. EDC is dedicated to fostering employment equity and building a diverse workforce. We provide a culture of inclusion and belonging where everyone can grow and succeed. Posting Date: Nov 13, 2025 Schedule: Full‑timeJob type: Permanent #J-18808-Ljbffr