Cyber Compliance Specialist

Job Title: Cyber Compliance Specialist

Location: Downtown Toronto/Hybrid (2 days/week onsite)

Duration: 6-month contract (highly extendable)

Position Overview:

Our public sector client is seeking a Cyber Compliance Specialist to support its cybersecurity governance and compliance initiatives. The successful candidate will assess cybersecurity compliance across various departments and affiliated entities, ensuring alignment with industry standards and frameworks.

Key Responsibilities:

• Conduct cybersecurity compliance assessments across IT and OT environments.
• Support the development and enhancement of the Cyber Compliance Program.
• Evaluate systems, networks, and applications for vulnerabilities and risks.
• Align security controls with standards such as NIST and ISA-62443.
• Prepare detailed assessment reports and mitigation recommendations.
• Collaborate with stakeholders across business, IT, OT, and network security.
• Validate effectiveness of security controls (e.g., firewalls, IDS/IPS, encryption).
• Contribute to incident response and governance documentation.
• Provide expert guidance on cybersecurity best practices and risk management.

Required Qualifications:

• Post-secondary degree/diploma in Engineering, Technology, or related field.
• Experience in IT/OT cybersecurity within government or large enterprises.
• Strong knowledge of Operational Technology and Industrial Control Systems (ICS).
• Experience with PLCs, SCADA systems, and IT/OT integration.
• Proficiency in security tools (firewalls, IDS/IPS, antivirus, etc.).
• Familiarity with incident response planning and execution.
• Advanced skills in MS Office Suite, especially Visio, Excel, PowerPoint, Project, and SharePoint.
• Strong communication and stakeholder engagement skills.
• Ability to manage multiple priorities and deliverables effectively.
• Cybersecurity certifications (e.g., CISSP, CCSP, CISM, ISA, GIAC, GRID) are an asset.

Deliverables:

• Maintain a cyber risk registry and remediation action plans.
• Provide recommendations on secure network architecture and technology roadmaps.
• Develop reports and presentations for various stakeholders.
• Contribute to incident response and governance documentation.
• Support other cybersecurity governance and compliance initiatives as required.