VACANCY

Senior Consultant, Governance, Risk, & Compliance

SHARE

Details & Requirements

Hybrd
Full-time
40 Hours p/week
Experience Level: Senior

Job Description

Within Elastify’s Security Practice, we are currently seeking a Senior Cyber Risk Consultant to assist our growing engagement team in assessing our client’s security processes and controls. 

Education & Experience

  • Four to seven years of experience in the field of Cybersecurity, Technology Risk, or GRC 
  • Completion of at least one of the following designations: CISA, CRISC, CISM, CISSP, ISO 27001 LA. 
  • Bachelor’s degree or higher in a related field to Cybersecurity or equivalent working experience 
  • Experience with leading and delivering assessments against the follow standards & frameworks including but limited to SOC 2, NIST CSF, NIST 800-53, CMMC, ISO 27001, CIS. 
  • Experience with Compliance & Controls Automation Platforms (e.g. Drata) 
  • Strong attention to detail and organizational skills. 
  • Experience leading, coaching, mentoring junior personnel. 
  • Excellent oral and written communication with experience helping clients navigate through complex cybersecurity and compliance challenges. 

Additional Information

Responsibilities

  • Leading & delivering compliance readiness assessments (e.g., SOC 2, ISO 27001, PCI DSS). 
  • Running workshops with clients. 
  • Support remediation activities (e.g., policy, procedure, documentation development). 
  • Assist in designing and implementing relevant controls for industry leading security and compliance frameworks. 
  • Maturing client’s business resilience, including the development of business continuity, disaster recovery, and incident response plans.
  • Facilitate Incident Response Tabletop exercises.  
  • Drafting & presenting reports and findings to key client stakeholders. 
  • Managing the delivery of engagements to ensure budgets and timelines are met. 
  • Helping clients with data protection and privacy readiness (HIPAA, GDPR, PIPEDA, Quebec Law 25 etc.). 
  • Conduct Risk and Privacy Assessments (TRA, TPRM, PIA etc.). 
  • Implement and work with compliance automation platforms to conduct assessments or provide advisory to clients. 
  • Conducting information system audits.  
  • Advising clients with security best practices (People, Process, and Technology).  
  • Supporting Elastify’s pre-sales activities (proposals, engagement letters / statement of work development). 

Benefits of working at Elastify 

  • Three weeks’ vacation 
  • Benefits package 
  • Wellness Account 
  • Cellphone and Travel allowance 
  • Downtown Toronto office location (121 King Street West – connected to the path) 
  • Hybrid work 

About Elastify
Elastify is an IT consulting firm with a deep focus on security and compliance services.  

Based in Toronto with a presence across North America, our people are united by our core values and a shared commitment to simplifying IT for those we serve. We approach engagements with a client-centred mindset and consider ourselves a natural extension of their teams.  

Our flexible, on-demand service model provides access to the right skillsets and solutions needed to meet the demands of our clients.

We specialize in delivering high value services and provide advisory within: 

  • Governance, Risk & Compliance (GRC)
  • Cybersecurity Engineering
  • Penetration Testing
  • Data Protection & Privacy
  • Cloud Security
  • Microsoft Enablement
  • Staff Augmentation

The Elastify business has grown 170% YoY, generating over $70 million in recognized revenue in just four years. With over 100 active contracts being delivered on each month, there is great opportunity to get involved to leave your mark on the growth of Elastify, while developing lasting relationships in a growing industry.  

Ready to Apply?

We review all applications as soon as we can and hope to get back to you within the next few days.

Email us

contact@elastify.ca

Resume*
Max. file size: 50 MB.
Consent(Required)
By submitting this form you agree to Elastify storing and processing your details in order to respond to your enquiry. For more information please visit our Privacy Policy

We’re good listeners, we’re very well-connected and we care a ton about your success.