Information Risk Management Analyst - Cloud & Infrastructure Security

We are looking for an experienced Information Risk Assessment Consultant to support technology projects in a regulated financial services environment. This role focuses on conducting risk assessments to ensure projects align with internal governance standards, security policies, and regulatory requirements.

The successful candidate will work closely with project teams, cloud engineers, application owners, cybersecurity, infrastructure, and risk teams to identify technology risks, validate controls, and document findings.

This is a desk-based, project-driven role requiring strong documentation and stakeholder communication skills.

• Conduct information risk assessments aligned with enterprise risk frameworks.
• Review cloud (Azure/AWS), infrastructure, application, and emerging technology initiatives (including Generative AI).
• Identify control gaps and provide practical remediation recommendations.
• Partner with cross-functional teams (Engineering, Cloud, Architecture, ITAM, Risk).
• Document findings clearly in tools such as Archer or Service Now.
• Support audit reviews and incident investigations when required.
• Manage multiple assessments across different projects simultaneously.

• 5–7 years of experience in technology risk, cybersecurity, IT audit, or compliance (preferably in financial services).
• Experience conducting formal information risk assessments.
• Knowledge of cloud security, infrastructure risk, and emerging technologies.
• Familiarity with regulatory frameworks (OSFI B-13, NIST, SOC).
• Strong analytical, documentation, and communication skills.
• Experience with tools such as Archer, Jira, Confluence, or Service Now.
• Bachelor’s degree in a related field or equivalent experience.

• Certifications such as CISSP, CISA, CRISC, or CISM (or working toward one).
• Knowledge of NIST CSF, ISO 27001, or CIS Controls.

The expected base salary range for this position is $75 – $85 per hour, depending on experience, skills, and internal equity.

The Company offers a total rewards package in accordance with all applicable federal, provincial, and local laws and requirements. Benefit eligibility and offerings vary based on role, employment status, and work location.

For contractor positions, benefits are limited to those entitlements and protections required by applicable law, which may include (as applicable) vacation pay, public holidays, leaves of absence, and other legally mandated benefits or payments.

We may use AI-enabled and/or automated tools to support parts of our recruitment process, including application screening, interview scheduling, and candidate communications. These tools are used to enhance consistency and efficiency. All hiring decisions involve human review and are not based solely on automated processing.