Senior GRC Security Analyst - ITS Governance, Risk, and Compliance

The Senior Governance, Risk and Compliance (GRC) Security Analyst is responsible for supporting the security direction of the business and elevating the company's security posture. The Senior GRC Security Analyst is expected to support the security strategy of the business within new and existing information system capabilities. The Senior GRC Security Analyst possesses expert level knowledge of enterprise risk management with a specialty in cybersecurity.

The Senior GRC Security Analyst is also responsible for the planning and design of corporate policies and maintenance in supporting the company's security posture. This position has an emphasis on higher risk projects, larger systems spanning multiple organizations, with a significant impact on patient care.

The Senior GRC Analyst provides senior level expertise in cybersecurity governance, enterprise risk management, and compliance, with a strong focus on cloud services, artificial intelligence (AI), and complex technology risk assessments. This role supports informed decision making for high impact digital initiatives that directly affect patient care, clinical operations, and organizational trust.

The Senior GRC Analyst leads Technology Risk Assessments (TRAs) for enterprise platforms, cloud architectures, and emerging technologies against industry standard frameworks, translating technical risk into clear, actionable guidance for leaders. This role is also accountable for authoring, maintaining, and modernizing security and risk policies, ensuring they remain relevant in a rapidly evolving digital health and AI landscape.

In partnership with Ontario Health, this role supports cybersecurity risk assessment services for multiple healthcare organizations across Ontario, contributing to a consistent and mature provincial security posture as an integral member of Cybersecurity Southwest (CSSW), the Security Local Delivery Group (LDG).

What we offer:

• Status: Regular Full-time
• Hours of Work: 37.5 hours per week
• Rate of Pay: $54.93 per hour to $68.67 per hour
• Health and Dental Benefits & Pension Plan (HOOPP)
• Career development and training opportunities
• Employee Wellness Initiatives

Qualifications

• Successful completion of a three (3) year College Diploma in Cybersecurity or Governance Risk & Compliance (GRC)
• Bachelor's degree in computer science, Engineering or Legal/Business preferred
• Master's degree in computer science, Engineering or Legal/Business preferred
• Minimum of three (3) years of relevant experience
• ISC2 Certified Information Systems Security Professional (CISSP) required
• Certification Governance Risk & Compliance (CGRC) required
• Outstanding communications (verbal and written) skills are essential interacting with people from different disciplines and with varying degrees of technical know-how
• Strong analytical and critical thinking skills. Detail-oriented
• Strong organizational skills
• Can provide leadership expertise while also serving as a team-player; integrates business and financial acumen with technical leadership
• Knowledge of health care digital systems in use in Ontario (preferred)
• Strong knowledge and experience with the application of privacy legislation (preferred)
• Experience with financial risk management (preferred)
• Demonstrated practice and commitment to the principles of patient and family centered care
• Demonstrated practice and commitment to patient and staff safety at LHSC
• Demonstrated practice and commitment to LHSC's vision, purpose and values
• Demonstrated ability to attend work on a regular basis

LHSC acknowledges that skills, education and lived experience come in many forms and may have been developed differently from those listed in the job posting. Although LHSC has discretion in determining whether a candidate meets the qualifications and licensing requirements, we welcome applications from those with different experiences who may not meet every requirement listed.

If interested in this role, please apply with a resume that outlines all current and previous experience relevant to the position. We are committed to providing a safe, healthy and inclusive work environment that inspires respect. LHSC is committed to employment equity and diversity in the workplace and welcomes applications from equity-denied groups including Indigenous people, racialized people, women, persons with disabilities, and 2SLGBTQIA+ persons.

LHSC is also committed to ensuring an accessible and inclusive recruitment process. Upon individual request, we will endeavor to remove any barrier to the hiring process to reasonably accommodate candidates, including those with disabilities, while maintaining a fair, consistent and equitable recruitment approach.

Should any applicant require accommodation through the application, interview or selection processes, please contact Recruitment Services at 519-685-8500, extension #34321 or recruitment@lhsc.on.ca.

Immunization Requirements

Before beginning employment at LHSC, all new hires must provide documentation related to LHSC's Health Review requirements.

Work Permit

Please be advised, if you are seeking employment on a temporary work or study permit, we recommend reviewing work permit restrictions as it applies to healthcare organizations in Canada.

Remote Work: Please note that while this position is primarily remote, work arrangements are subject to change based on organizational needs and may require occasional or future on-site presence.