IT Compliance Analyst

**Company Description**
The House of Commons Administration delivers outstanding services to Members of Parliament and their employees in support of parliamentary democracy. Our success is made possible by our talented and dedicated workforce. We leverage diversity in all its forms and recognize that everyone has valuable contributions to make and the potential for individual growth. If you dream of joining an organization that is small enough for you to be noticed, but big enough to provide you with a meaningful career, then we want to hear from you

The House of Commons Digital Services and Real Property is currently looking to staff the IT Compliance Analyst position within the IT Security team.

We are looking for an IT Security expert to join our team as an IT Security Compliance Analyst. In this role, you will bring deep security expertise and a strong understanding of compliance frameworks to ensure the organization’s IT systems, products, and services align with internal policies, baselines, best practices, and industry standards. You will assess, advise, and guide teams in building secure, compliant solutions while strengthening the organization’s overall security posture.

You will collaborate closely with various product lines—working hand-in-hand with development, operations, and business teams—to integrate security and compliance into every stage of the product lifecycle. By enabling teams and providing expert recommendations, you will help ensure our technology is resilient, trusted, and aligned with organizational priorities.

As part of the IT Security team, you will lead and participate in a broad range of IT security assessments and compliance activities, including:

- Threat and Risk Assessments (TRA) - evaluating potential threats, vulnerabilities, and their impact on operations.
- Network, Application, and Cloud Security Assessments - reviewing architectures, controls, and configurations for weaknesses.
- Privacy Impact and Data Protection Assessments - ensuring alignment with data protection principles and best practices.
- Statement of Sensitivity (SOS) - classifying and safeguarding information according to sensitivity.
- Vulnerability Scanning and Penetration Testing - proactively identifying, validating, and prioritizing vulnerabilities.
- Risk Analysis and Expert Recommendations - delivering actionable guidance to reduce exposure and enhance defenses.

Beyond assessments, you will define, update, and maintain IT security policies and standards, ensuring they remain current and effective. You will conduct compliance monitoring and internal audits to safeguard the organization’s systems and data. In addition, you will manage the processes for detecting, tracking, and remediating vulnerabilities, while delivering targeted training and awareness programs to embed security best practices across the organization.

**Top Reasons to Join IT Security Operations Team**
- Work on high-impact projects that directly shape the organization’s security posture.
- Collaborate with a forward-thinking leadership team that values innovation, knowledge sharing, and continuous improvement.
- Partner with diverse product teams to influence security from concept to delivery.
- Access ongoing professional development and industry-leading training.
- Benefit from a balanced 35-hour workweek and a minimum of 4 weeks’ vacation.

**Qualifications** Education**:

- University degree in information technology, computer sciences or another related field, OR an acceptable combination of education, training and experience.

**Experiences**:

- Technical experience in IT Infrastructure, such as Networking and Server Administration;
- Technical experience with Vulnerability Management Tools and Scanners;
- Expertise in IT security with a strong background in compliance programs;
- Conducting compliance monitoring, internal audits, and vulnerability management;
- Working collaboratively with multiple product lines to integrate security into products and services;
- Providing expert-level guidance, tools, and processes to strengthen organizational security.

**Assets**:

- Recognized certifications in IT security or audits (e.g., CISA, GSNA, CISSP, CIA).

**Additional Information**

We invite you to save a copy of the notice of job opportunity. Once the closing date has passed, these documents will no longer be available.

Learn more about us Visit Ourcommons.ca.

To learn about our hiring process, visit Eligibility and Selection.