Cybersecurity Analyst, Governance, Risk, and Compliance (GRC)

Application deadline: March 12, 2026

Join the EDC Team!

At EDC, we support Canadian businesses to succeed globally. We provide the financial tools and expertise they need to explore new markets, reduce risks, all towards the goal of making Canada and the world better through trade.

Position: Cybersecurity Analyst, Governance, Risk, and Compliance (GRC)

Employment Type: Permanent

Compensation Details

• Service Analyst 17: Salaries typically range from $84,698 to $112,931 annually, based on qualifications and experiences, plus a performance-based incentive.
  
  

Location:

• Export Development Canada operates in a hybrid work environment, currently requiring employees to work in the office 2 days per week. (subject to change)
• This role can be performed from EDC’s headquarters in Ottawa or from one of our Community Hubs located in Toronto, Mississauga, Montreal, Brossard, or Laval.
• Relocation assistance is available for candidates who meet the eligibility criteria.
  
  

About EDC

At Export Development Canada (EDC), we empower Canadian businesses to succeed globally. As a financial Crown corporation, we offer innovative financial solutions and expert insights to help businesses explore new markets, mitigate risks, and achieve growth.

Why Join EDC?

• Comprehensive Benefits: EDC offers a competitive compensation & benefits package, work-life balance, & the opportunity to help make Canada and the world better through trade.
• Work-Life Balance: EDC offers a competitive compensation package & work-life balance. We have hybrid work options, 3 to 4 weeks paid vacation, a corporate closure period, summer early Friday’s & no meeting Fridays.
• Professional Development: Take advantage of our continuous learning opportunities, including training programs, workshops and language training.
• Inclusive Culture: Be part of a diverse and inclusive workplace that champions employment equity & values diversity of ideas, strengths, & backgrounds to succeed.

Looking to advance your Cyber Security career with relocation support? Explore Cyber Security Jobs with Relocation Packages that include comprehensive packages to help you move and settle in your new role.

• Wellness Programs: Access to wellness initiatives, mental health support, and fitness programs to keep you healthy and happy.
• Community Engagement: Participate in volunteer opportunities and give back to the community through our various social responsibility programs.
  
  

Team Overview

The Digital & Technology Solutions (DTS) group under the leadership of the Chief Information Officer was established in 2023 with the mission of empowering our customers and colleagues to take on the world, by seamlessly delivering secure and reliable digital experiences. Digital & Technology Solutions has set out to achieve the following objectives for EDC:

• Define, execute, and sustain the integrated technology target state, target data model and technology operations required to enable EDC’s 2030 business transformation.
• Establish and manage the rolling 3 Year Digital Roadmap that sequences the technology outcomes required to achieve the technology target state and facilitate its execution across all domains in the organization.
• Keep pace with industry trends and emerging technologies, ensuring EDC has access to the digital technology tools it needs to stay relevant in the market and grow Canadian global trade.
• Lead and ensure integrated digital, data, infrastructure, and cybersecurity implementations to create excellent customer, user, and employee experiences.
  
  

This is your opportunity to join a cybersecurity team with a business-first mindset. You will be part of a growing team of cybersecurity professionals that value transparent communication, collaboration with various internal and external stakeholders, and support innovation while being equally committed to achieving information security risk targets and delivering on the planned security program obligations.

The Cybersecurity Analyst supports the execution and operational delivery of cybersecurity governance, risk management and compliance activities applying industry recognized frameworks. This role contributes to maintaining EDC’s cybersecurity posture by supporting risk assessments, evidence collection, metrics and reporting, and lifecycle management of standards and guidelines, in collaboration with cross-functional teams.

Reporting into the Director, Cyber GRC & Program/Portfolio is responsible for overseeing the operational and tactical direction, development, and management of the organization's Cyber risk management operating model aligned with the overall cybersecurity strategic direction, contributes to strategy and delivers the required cyber risk management governance, risk and compliance services.

What You Will Be Doing

• Governance Development: Support the maintenance of cybersecurity governance frameworks, policies, standards and guidelines, including updates, version control, and evidence maintenance under direction of senior team members.
• Risk Management: Provide EDC operational support to risk assessment managed services, ensuring access to EDC-managed tools and repositories.
• Capability Maturity Assessments: Coordinate and drive cybersecurity capability and maturity assessments aligned with Capability Maturity Model Integration (CMMI), including evidence collection, gap identification, and progress tracking.
• Compliance Monitoring: Assist in tracking compliance to internal cybersecurity policies and standards by supporting exception intake, maintaining logs, and following up on action items.
• Audit & Assessment Support: Support audits and assessments by preparing and organizing documentation and evidence packages; coordinate inputs and maintain response trackers.

Discover our full range of relocation jobs with comprehensive support packages to help you relocate and settle in your new location.

• Metrics & Reporting: Collect, validate, and maintain cybersecurity governance and risk metrics; support dashboard creation and recurring reporting packs (e.g., Power BI) for oversight forums.
• Cross Functional Collaboration: Collaborate with Cybersecurity teams, IT, and business partners to support delivery of governance, risk, compliance, and reporting activities.
• Teamwork: Organize and prioritize assigned work within defined processes; escalate risks, blockers, and dependencies to senior team members as required.
• Standards & Guidelines: Coordinate periodic reviews of standards, guidelines, and procedures by collecting feedback, proposing updates, and maintaining publication artifacts for approval by senior owners.
• Knowledge & Content Management: Maintain Cyber Security SharePoint content, ensuring accuracy, relevance, and removal of obsolete or unauthorized information from front facing views.
• Technology Enablement: Leverage GRC tools, platforms, and reporting solutions (e.g., Power BI) to support efficient execution of GRC processes and metrics automation.
• Vendor Management: Support cyber security third party risk management activities by administering questionnaires, validating evidence completeness, tracking remediation actions, and escalating higher-risk issues for senior review.
  
  

What We Are Looking For

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Minimum 5 years of experience in Cybersecurity with a focus on Third Party Risk Management (TPRM) and GRC operational tasks.
• Good understanding and working knowledge of cybersecurity frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001, ISO 27002) and the ability to apply them within defined procedures and assessments.
• Hands-on experience supporting one or more of: third-party risk activities, evidence collection for audits/assessments, compliance tracking, maturity assessments, or risk reporting, under established methodologies and guidance.
• Demonstrated ability to execute structured, recurring GRC activities, track evidence and documentation, track action items, and meet delivery timelines.
• Experience working with metrics, dashboards, or reporting (e.g., Excel/Power BI), including data validation and maintenance of reporting inputs.
  
  

What Will Make You Stand Out

• Experience supporting Cyber Third‑Party Risk Management (TPRM) workflows end‑to‑end (questionnaire administration, evidence validation, remediation tracking) in a high‑volume environment.
• Hands‑on experience with GRC tools, risk registers, SharePoint, or governance and compliance repositories.

Interested in relocating to Canada? Check out our comprehensive Relocation Jobs in Canada page with detailed relocation packages and benefits.

• Hands‑on experience creating or improving Power BI dashboards and automated reporting for risk/register metrics (data quality, remediation status, trends).
• Exposure to Capability Maturity Model Integration (CMMI) or other maturity, assurance, or control‑based assessment frameworks in a support or coordination role.
• A structured, detail‑oriented approach with a strong service mindset, curiosity to learn, and interest in building a long‑term career in Cyber Governance, Risk and Compliance.
• Progress toward, or completion of, relevant certifications such as ISO 27001 Foundation, Security+, or other cybersecurity credentials.
• Bilingual in both official languages (English and French).
  
  

Eligibility

EDC is committed to Fair Employment Practices and preference will be given to a candidate who is able to work legally in Canada at the time of application (Canadian Citizens or Permanent Residents). Candidates must meet the requisite government security screening requirements. The position is open to those who meet all of the essential requirements stated above and whose applications are received by the closing date.

This position is open to individuals who meet all the essential criteria outlined above and submit their applications by the closing date. Ready to make a difference? This is your chance to join a dynamic, growing team and leave your mark on our organization, development finance, and the world.

Apply today!

Want to learn more about EDC? Check our website here https://www.edc.ca

EDC's Commitment to Employment Equity

Export Development Canada (EDC) is dedicated to fostering employment equity and building a diverse workforce. We are committed to creating a safe and inclusive environment that respects people from all cultures, backgrounds, and abilities. At EDC, we nurture a culture of inclusion and belonging where everyone has equal opportunity to grow, develop, succeed, and be their truest selves.

We actively encourage applications from women, Indigenous peoples, visible minorities, persons with disabilities, and members of the 2SLGBTQI+ community.

Your application must clearly demonstrate how you meet all the requirements. We thank all applicants' interest in a career at EDC; however, only those selected for an interview will be contacted. Please note that qualified candidates may be considered for similar roles at this level within EDC.

EDC recognizes that disclosing the need for accommodations can be a personal matter. Please know that as an organization, we are committed to maintaining confidentiality and ensuring that any accommodations provided are tailored to support your needs. Our aim is to ensure you have a comfortable and positive experience throughout the recruitment process, so please do not hesitate to contact us directly for any accommodation requests at accessibility@edc.ca. We are here to support you every step of the way.

Posting Date

Feb 26, 2026, 4:27:49 PM

Primary Location:

Ontario-Ottawa

Job Type

Permanent

Schedule

Full-time