IT Compliance Analyst

The House of Commons Administration delivers outstanding services to Members of Parliament and their employees in support of parliamentary democracy. Our success is made possible by our talented and dedicated workforce. We leverage diversity in all its forms and recognize that everyone has valuable contributions to make and the potential for individual growth. If you dream of joining an organization that is small enough for you to be noticed, but big enough to provide you with a meaningful career, then we want to hear from you!

Job Description

The House of Commons Digital Services and Real Property is currently looking to staff the IT Compliance Analyst position within the IT Security team.

We are looking for an IT Security expert to join our team as an IT Security Compliance Analyst. In this role, you will bring deep security expertise and a strong understanding of compliance frameworks to ensure the organization’s IT systems, products, and services align with internal policies, baselines, best practices, and industry standards. You will assess, advise, and guide teams in building secure, compliant solutions while strengthening the organization’s overall security posture.

You will collaborate closely with various product lines—working hand-in-hand with development, operations, and business teams—to integrate security and compliance into every stage of the product lifecycle. By enabling teams and providing expert recommendations, you will help ensure our technology is resilient, trusted, and aligned with organizational priorities.

As part of the IT Security team, you will lead and participate in a broad range of IT security assessments and compliance activities, including:

• Cybersecurity Risk Assessments – identifying, analyzing, and prioritizing risks across applications, networks, and infrastructure.
• Threat and Risk Assessments (TRA) – evaluating potential threats, vulnerabilities, and their impact on operations.
• Network, Application, and Cloud Security Assessments – reviewing architectures, controls, and configurations for weaknesses.
• Privacy Impact and Data Protection Assessments – ensuring alignment with data protection principles and best practices.
• Statement of Sensitivity (SOS) – classifying and safeguarding information according to sensitivity.
• Vulnerability Scanning and Penetration Testing – proactively identifying, validating, and prioritizing vulnerabilities.
• Risk Analysis and Expert Recommendations – delivering actionable guidance to reduce exposure and enhance defense.

Beyond assessments, you will define, update, and maintain IT security policies and standards, ensuring they remain current and effective. You will conduct compliance monitoring and internal audits to safeguard the organization’s systems and data. In addition, you will manage the processes for detecting, tracking, and remediating vulnerabilities, while delivering targeted training and awareness programs to embed security best practices across the organization.

Top Reasons to Join IT Security Operations Team

• Apply your security expertise in a dynamic environment supporting Members of Parliament, their staff, and corporate IT.
• Work on high-impact projects that directly shape the organization’s security posture.
• Collaborate with a forward-thinking leadership team that values innovation, knowledge sharing, and continuous improvement.
• Partner with diverse product teams to influence security from concept to delivery.
• Access ongoing professional development and industry-leading training.
• Benefit from a balanced 35-hour workweek and a minimum of 4 weeks’ vacation.

Qualifications

Education :

• University degree in information technology, computer sciences or another related field, OR an acceptable combination of education, training and experience.

Experiences :

• Technical experience in IT Infrastructure, such as Networking and Server Administration;
• Technical experience with Vulnerability Management Tools and Scanners;
• Expertise in IT security with a strong background in compliance programs;
• Experience applying internal policies, baselines, industry standards, and best practices to secure IT systems and services;
• Leading or participating in IT security assessments, including Cybersecurity Risk Assessments, TRAs, network/application/cloud assessments, PIAs, SOS, and vulnerability testing;
• Conducting compliance monitoring, internal audits, and vulnerability management;
• Working collaboratively with multiple product lines to integrate security into products and services;
• Providing expert-level guidance, tools, and processes to strengthen organizational security.

Assets :

• Recognized certifications in IT security or audits (e.g., CISA, GSNA, CISSP, CIA).

Additional Information

We are committed to creating an inclusive workplace by providing a barrier-free recruitment and selection process. If you have an accommodation request, require material in an accessible format, or need additional support with the application process, please contact Recruitment and Selection Services at HOCCareers-CarrieresCDC@parl.gc.ca.

Each bilingual position is assigned a linguistic profile that identifies the level of second language proficiency for reading comprehension, written expression and oral interaction required. The profile for this position is BBB. Consideration may be given to candidates with other linguistic profiles.

We invite you to save a copy of the notice of job opportunity. Once the closing date has passed, these documents will no longer be available.

Qualified candidates may be considered for future vacancies for this role or for other similar and/or related roles on an indeterminate and/or fixed term basis.

Learn more about us! Visit Ourcommons.ca.

To learn about our hiring process, visit Eligibility and Selection.