Security Specialist

Primary Job Title:
Security Specialist
Alternate/Related Job Titles:

• Cybersecurity Risk Analyst
• Third Party Risk Assessor
• Information Security Consultant
• IT Risk Management Specialist
• Cyber Risk Governance Analyst

Location:
Toronto, ON

Onsite Flexibility:
Hybrid (2 days onsite, increasing to 4 days starting Nov 3, 2025)
Contract Details:

• Position Type: Contract
• Contract Duration: 12 months
• Start: September 15, 2025
• End: September 14, 2026
• Pay Rate: C$85 - C$103/hour

Job Summary:
We are seeking a Security Specialist to lead and execute third-party cyber risk assessments for global suppliers. This role involves identifying and mitigating security risks, guiding stakeholders on remediation, and influencing enterprise-wide cybersecurity posture. The role requires collaboration with cross-functional teams, and involvement in department-wide initiatives impacting risk management and cybersecurity frameworks.Key Responsibilities:

• Lead and execute third-party cyber risk assessments of suppliers across risk tiers.
• Coordinate with internal risk stakeholders to scope and plan assessments.
• Deliver results of assessments to both internal and external stakeholders.
• Recommend mitigation and remediation strategies and validate their implementation.
• Ensure assessments comply with industry frameworks, internal standards, and policies.
• Advise teams on Technology Controls and Information Security programs.
• Contribute to shaping global third-party cybersecurity management strategies.
• Support internal process reviews to identify opportunities for improvement.
• Foster a culture of strong technology risk management throughout the organization.

Required Experience:

• In-depth knowledge of IT security and risk disciplines.
• Advanced understanding of organizational technology controls and security practices.
• Proven ability to contribute to large-scale projects or assessments.
• Leadership-level expertise in technology control and information security.

Nice-to-Have Experience:

• CISSP or equivalent Information Security Certification/Accreditation.

Required Skills:

• IT Security & Risk Management
• Technology Controls & Cybersecurity
• Risk Assessment Leadership

Preferred Skills:

• Cross-functional Communication
• Vendor Risk Management
• Cybersecurity Frameworks (NIST, ISO, etc.)
• Third-Party Governance
• Incident Response Coordination

Additional Skills:

• Strong communication (written and verbal)
• Assessment coordination
• Internal process improvement
• Enterprise-level reporting and analysis
• Adherence to regulatory cybersecurity guidelines

About the Client:
Top 10 bank in Canada and North America offering comprehensive financial solutions. Providing retail, commercial, wealth management, and wholesale banking services, we help clients thrive in today's evolving market.About GTT:
GTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American-owned company in Alaska. As a Native American-owned, economically disadvantaged corporation, we highly value diverse and inclusive workplaces. Our clients are Fortune 500 banking, insurance, financial services, and technology companies, along with some of the nation’s largest life sciences, biotech, utility, and retail companies across the US and Canada. We look forward to helping you land your next great career opportunity!
Job Number: 25-25362
Hashtags: #gttca