Senior Information Risk Management Analyst – GenAI

Join to apply for the Senior Information Risk Management Analyst – GenAI role at Recruit Action Inc.

Drive innovation in cybersecurity and information risk within the insurance sector through a hybrid contract role based in Toronto. Leverage Generative AI, oversee third-party risk, and apply frameworks like NIST and ISO 27001 while contributing to regulatory compliance and strategic oversight in a high-impact environment.

What is in it for you :

• Salaried: $70-85 per hour.
• Incorporated Business Rate: $85-100 per hour.
• 4-month contract.
• Full-time position: 37.50 hours per week.
• Weekday schedule from 9 am to 5 pm; flexible options from 8 am to 4 pm or 10 am to 6 pm.
• Hybrid work: in-office Tuesday to Thursday.
• Opportunity to work in a dynamic and professional environment.
• Join a passionate and inclusive team of professionals.

Responsibilities :

1. Execute Generative AI prompts to evaluate vendor contracts and assess control evidence.
2. Identify gaps or deficiencies in first-line documentation and challenge weak risk assessments.
3. Validate Gen AI outputs for policy alignment and regulatory compliance.
4. Develop best-practice guides for AI implementation in contract and risk review processes.
5. Support the Control Self-Assessment (CSA) process by validating business-critical evidence.
6. Perform second-line reviews of onboarding, offboarding, and exit strategy simulations.
7. Monitor long-term third-party relationships for policy adherence.
8. Recommend and track mitigation plans, ensuring alignment with cybersecurity frameworks.
9. Collaborate with business and functional stakeholders to advise on risk treatment and oversight.

What you will need to succeed :

• Bachelor’s degree in a related field (e.g., Information Security, Computer Science, Risk Management, or similar).
• Professional certifications such as CISSP or CISA (preferred).
• 5+ years of experience in Information Security, Technology Risk, Business Resiliency, or third-party/vendor risk management.
• 2+ years’ hands-on experience applying Generative AI within cybersecurity or risk frameworks.
• Expertise in Independent Oversight, with strong advisory and consulting skills in risk management.
• Deep understanding of IRM best practices, including cybersecurity, privacy, and business continuity.
• Advanced knowledge of IT and security standards: ISO 27001, NIST CSF, NIST 800 series, COBIT, and ITIL.
• Strong communication skills to present complex topics to diverse audiences.
• Strategic thinking with the ability to assess risks, challenge assumptions, and influence outcomes.
• Familiarity with cloud platforms such as Azure (preferred).
• Experience working in regulated environments across North America and Asia (preferred).

Why Recruit Action?

Recruit Action (agency permit: AP-2504511) provides recruitment services with a personalized approach to job seekers and businesses. Only candidates matching the criteria will be contacted.

MFCJP00015394

Seniority level: Not Applicable

Employment type: Contract

Job function: Information Technology

Industries: IT Services and IT Consulting

Referrals increase your chances of interviewing at Recruit Action inc. by 2x.

Get notified about new Senior Risk Analyst jobs in Toronto, Ontario, Canada.

Toronto, Ontario, Canada CA$90,000-CA$110,000, posted 2 weeks ago.