Jr. Analyst, Security Governance, Risk & Compliance

It has come to our attention that various international organizations or individuals have been offering false employment opportunities at Aecon Group Inc. Aecon Group Inc. employment policies and processes involve interviews, and candidates who seek employment are never required to pay us any sum of money. To do so would be contrary to our business conduct guidelines and ethical practices. We also do not extend formal offers of employment or execute employment agreements through social media or social chat platforms.

We take this matter extremely seriously and are working with the appropriate authorities to shut down such fraudulent schemes. Please remain vigilant on this matter and report any suspicious outreach to your local authorities and email any concerns toaecon@aecon.com

Date: May 6, 2025

Location:

Toronto, ON, CA

Operating Sector: Information Services

Come Build Your Career at Aecon!

As a Canadian leader in infrastructure development, Aecon is safely and sustainably building what matters for future generations to thrive! We lead some of the most impactful infrastructure projects of our generation, at the forefront of transformational change in transportation and energy, and partnering every day to build, connect, power, and strengthen our communities.

At Aecon, you can count on:

• Safety Always. Our number one core value. If we can’t do it safely, we don’t do it at all.
• Integrity. We lead by example, with humility and courage.
• Accountability. We’re passionate about delivering on our commitments.

We lead the infrastructure industry with purpose, and our people are at the heart of everything we do. So, we invest in our people, just like they invest in us!

At Aecon we:

• Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being.
• Believe in helping you build your career through our Aecon University and Leadership Programs.
• Are committed to supporting and investing in inclusive work environments, through initiatives like Equity, Diversity & Inclusion training, our Aecon Women in Trades and Aecon Diversity in Trades programs, and our Employee Resource Groups (ERGs) to ensure we are building inclusion into every aspect of our culture at Aecon.
• Are a leader in sustainable construction.With a strong commitment to operating responsiblyby minimizing our impact on the environment and surrounding communities.

Our business success relies on strong execution and continuous improvement – driven by the diversity, expertise and teamwork of our people. We’re always searching the globe for innovative, collaborative minds to join our best-in-class Aecon community!

What is the Opportunity:

Reporting to the Sr. Manager, Security GRC, the Jr. Analyst, Security GRC will be responsible for assisting in the development, implementation, and management of the company's information security governance, risk, and compliance (GRC) program.

What You’ll Do Here:

• Conduct risk assessments, vulnerability assessments, and gap analyses to identify security risks and compliance gaps
• Develop policies and procedures related to information security and compliance
• Assist in maintaining and updating the company's security controls library
• Conduct compliance checks and related activities to ensure security controls are in place and working effectively
• Collect SOC2 reports and other supporting documentation from key vendors to ensure ongoing compliance with organizational security standards
• Coordinate quarterly access reviews and ensure appropriate sign-offs
• Collaborate with stakeholders across the organization to ensure that information security and compliance requirements are integrated into business processes
• Monitoring and reporting on the effectiveness and compliance of the company's information security program
• Respond to audit requests and regulatory inquiries
• Perform security risk assessments and follow up to ensure that identified security requirements have been implemented prior to go-live
• Respond to the vendor questionnaire in accordance with our policies and standards
• Stay current with regulatory requirements and industry best practices related to information security and compliance

What You Bring to the Team:

• Bachelor's degree in Computer Science, Information Security, or minimum 1-year related work experience
• Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) would be an asset
• Understanding of information security and compliance frameworks such as NIST 800 series, ISO 27001/27002, PCI DSS, etc.
• Familiarity with risk assessment methodologies and tools
• Strong analytical and problem-solving skills
• Excellent communication and interpersonal skills
• Ability to work independently and as part of a team

Aecon fosters diversity , inclusion and belonging within and across our organization. We welcome all to apply including, women, visible minorities, Indigenous peoples, persons with disabilities, and persons of any sexual orientation or gender identity.

We are committed to adhering to the objectives and requirements outlined in the Accessible Canada Act (ACA), and to meeting the accessibility needs of persons with disabilities in a timely manner, through the implementation of the requirements of the ACA and its applicable regulations. If you require accommodation under the ACA during any step of the application process please click here.