Senior Security Specialist

Chief Operating Officer | Consultant | Human Resources | Recruiting | Canada, USA & India Senior Security Specialist – Governance, Risk & Compliance (GRC) / Cyber Defence Location: Toronto, ON (Hybrid – up to 3 days onsite) Contract Length: 2-3 months to start (with potential extension) Sector: Public Sector / Healthcare A leading public-sector organization in Ontario is seeking a highly experienced Senior Security Specialist to support multiple initiatives across Security Governance, Risk & Compliance (GRC), and Cyber Defence Operations . This role will act as a subject matter expert in security risk management, policy development, compliance, and audit readiness, while contributing to the ongoing maturity of the enterprise security program. This opportunity is ideal for a senior-level security professional with deep expertise in risk assessment frameworks, compliance and audit standards, and security governance , who thrives in collaborative, high-impact environments. Key Responsibilities Act as a security subject matter expert across multiple security risk management initiatives, including conducting and facilitating Threat and Risk Assessments (TRA) . Analyze proposed solution architectures, system designs, and IT development processes to identify security threats, vulnerabilities, and risks. Evaluate and interpret assessment reports based on NIST Cybersecurity Framework (CSF) and other recognized standards. Develop and recommend risk mitigation strategies aligned with enterprise risk tolerance and regulatory requirements. Lead and contribute to security governance activities , including development and maintenance of security policies, standards, procedures, and processes. Coordinate with internal and external stakeholders to implement security controls and address audit findings. Track security control implementation to ensure compliance with applicable regulations and audit frameworks. Support and contribute to the evolution of the organization’s cybersecurity strategy, governance, and assurance practices . Deliver presentations and security briefings to technical teams, business stakeholders, and senior leadership. Guide offensive security practices , methodologies, tools, and processes. Stay current on evolving industry best practices, security frameworks, and legislative requirements, assessing impacts to the organization. Utilize strong communication, negotiation, and conflict-resolution to align stakeholders with differing priorities. Required Qualifications & Experience 7+ years of experience in security risk management models for assessing and mitigating risk exposure. Extensive experience conducting Threat and Risk Assessments using frameworks such as: NIST CSF (including CSF 2.0) ISO 27001 / ISO 27002 Strong experience analyzing security assessment reports and translating findings into actionable recommendations. Proven experience in security governance , including developing policies, standards, processes, and procedures. Hands‑on experience working with compliance and audit frameworks , including: PHIPA SOC 2 Type II Deep understanding of security threats, vulnerabilities, and safeguards across applications, infrastructure, and enterprise environments. Strong analytical and risk communication skills, with the ability to present complex concepts to both technical and executive audiences. Experience with security and IT management frameworks such as SABSA and COBIT . Demonstrated ability to work collaboratively, lead initiatives, and influence cross‑functional teams. Desired Qualifications 10+ years of experience across security domains such as GRC, IT audit, cyber defence, or third-party risk management. Bachelor’s or Master’s degree in Computer Science, Information Technology, Cyber Security, or a related field (or equivalent experience). Professional security certifications required (one or more): CISSP CISM CISA CRISC CCSP Experience in public sector or healthcare environments (asset). If you are a senior security professional with a passion for risk management, compliance, and strengthening enterprise security programs , this role offers a high-impact opportunity to contribute to meaningful public-sector initiatives. If interested, apply to the job posting directly or send your resume to for immediate consideration. Get notified about new Security Professional jobs in Toronto, Ontario, Canada . #J-18808-Ljbffr