Insight Global is searching for a Third Party Risk - Senior Security Analyst. We’re looking for a seasoned security professional to join a Cybersecurity Governance, Risk & Compliance (GRC) team for a leading retail and wellness client in Vancouver. This team serves as trusted advisors, problem solvers, and innovators—helping the business manage risk, ensure regulatory compliance, and drive continuous improvement. You’ll collaborate across departments (Brand, Product, IT, Finance, and more) to deliver creative, secure solutions that protect our organization.
This role is a 6 month contract, with the possibility of extension.
What You’ll Do
- Conduct IT risk assessments for new projects and technology implementations.
- Define security risk profiles for systems, assets, and data using internal policies, frameworks, and industry best practices.
- Identify threats, vulnerabilities, and control gaps; perform impact analysis; and recommend compensating controls.
- Escalate security exceptions, threats, and delivery issues as needed.
- Lead stakeholder engagement, risk communication, and risk treatment activities.
- Automate GRC workflows, track risk lifecycle, and report on risk status.
- Collaborate with IT Security and Policy teams on complex risk matters.
- Drive continuous improvement initiatives within the department.
What We’re Looking For
- 8–10 years of IT risk management or combined GRC and information security experience.
- Strong knowledge of data security and privacy regulations (NIST CSF, ISO 27001, PCI DSS, GDPR).
- Proven ability to assess technology and security risks, including third-party vendor risk.
- Exceptional stakeholder management and presentation skills, including executive-level communication.
- Proficiency with documentation tools (Confluence, Jira).
- Bachelor’s degree in MIS or related field.
- At least one certification: CISSP, CISA, CRISC, or ISO27001 Lead Auditor.
