Security Risk Analyst (Central Business District)

Security Risk Analyst Responsible for identifying, assessing, and supporting the management of information security risks across the firm. Reported to the Manager, Compliance & Risk, this role contributes to the firm’s risk management program by evaluating technology risks, supporting control assessments, and assisting in the development of mitigation strategies. Key Responsibilities Identify and assess information security risks by evaluating systems, processes, and technologies to determine potential vulnerabilities and impacts.

Analyze risk findings by documenting risk levels, control gaps, and mitigation recommendations to support decision‑making and risk tracking. Support control reviews by assessing the design and effectiveness of security controls to ensure alignment with policies and standards. Evaluate vendor and third‑party risks by reviewing security documentation and assessing compliance with firm requirements.

Maintain risk registers and track remediation activities by monitoring progress and ensuring timely resolution of identified risks. Work with infrastructure, application, and business teams to understand risks, recommend controls, and support risk mitigation efforts. Assist with audit and compliance initiatives by providing risk‑related documentation, evidence, and analysis.

Contribute to the improvement of risk management practices by identifying trends, recommending enhancements, and supporting awareness initiatives. What You’ll Bring Bachelor’s Degree in Information Security, Information Technology, Risk Management or a related discipline, or an equivalent combination of education and experience. 3–5 years of experience in information security, risk analysis, compliance, or related roles. Experience supporting risk assessments or security programs in an enterprise environment.

Experience in a professional services organization is considered an asset. Familiarity with information security frameworks (e.g., ISO 27001, NIST or similar). Understanding of risk assessment methodologies and control frameworks.

Knowledge of common security risks, vulnerabilities and mitigation strategies. Experience with risk registers, assessment tools and reporting practices. Strong analytical and problem‑solving skills.

Ability to interpret technical information and assess risk implications. Strong attention to detail and organizational skills. Excellent written and verbal communication skills.

What We Offer A comprehensive benefits package that includes health, dental and vision care, employee assistance program, life insurance, short‑term and long‑term disability insurance, 3+ weeks’ vacation and 10 personal days. A diverse and inclusive workplace. Flexible working options.

Maternity leave top‑up. A firm‑matching group retirement savings plan. An individual TFSA with low fund management fees and competitive investment options.

Employee assistance program to support you and your family. A wellness spending account to foster employee well‑being. Professional development opportunities.

Employee appreciation events. Charitable giving programs. Compensation: We offer a market‑leading total rewards package with an expected annual salary range of $85,000 to $125,000.

The final salary is influenced by the location of the incumbent and may fluctuate based on qualifications, skills, and market considerations to ensure alignment with internal and external pay equity standards. Miller Thomson is an equal‑opportunity employer and is committed to equity, diversity, inclusion, and accessibility. Miller Thomson will provide accommodation on request throughout the recruitment, selection and assessment process for applicants with disabilities.

If you require accommodation, please inform our Talent department of the nature of the accommodation that you may require, to ensure your equal participation. #J-18808-Ljbffr