Analyst, Security Governance

VIA HFR - VIA TGF IncMontreal, QC
Hybrid

About The Position

The Analyst, Security Governance supports the governance, coordination, and lifecycle management of Alto’s security program, ensuring security processes operate smoothly, consistently, and in compliance with Government of Canada requirements. This role is non‑technical and process-focused, acting as the central point of coordination for security governance activities such as Security Assessment & Authorization (SA&A) coordination, personnel security clearances, security investigations support, exceptions management, and security-related project coordination. The role is process‑driven, organizational, and coordination‑focused, requiring strong attention to detail, documentation discipline, and stakeholder engagement rather than hands‑on technical security operations.

Requirements

  • Minimum 3 to 5 years of progressive experience in information security, governance, compliance, risk management, or related IT/security roles, with a strong emphasis on coordination, documentation, and lifecycle management.
  • Post‑secondary education in Information Security, Information Management, Business Administration, or a related field, or equivalent experience.
  • Minimum 2 years’ experience supporting security governance, risk, or compliance activities.
  • Experience coordinating solution security assurance activities.
  • Working knowledge of Government of Canada security concepts and frameworks (e.g. ITSG‑33).
  • Experience managing security documentation, evidence tracking, and lifecycle management.
  • Minimum 2 years experience providing project coordination or project management support across multiple concurrent workstreams
  • Strong ability to track timelines, dependencies, risks and follow-ups.
  • Excellent written communications skills and strong attention to detail.
  • Ability to work effectively with technical and non‑technical stakeholders.
  • Demonstrated discretion in handling sensitive and confidential information.
  • Ability to obtain and maintain a Government of Canada SECRET clearance is required.

Nice To Haves

  • Relevant Security Certifications are considered assets (CISSP, CISM, etc).
  • Ability to work in a bilingual environment (English/French) may be considered an asset.
  • Experience in a regulated or government security environment is an asset.
  • Experience coordinating Canadian Government Security Assessment & Authorization (SA&A) and experience managing or supporting government personnel security clearance processes is considered an asset.

Responsibilities

  • Act as the primary coordinator for security governance processes that support the organization’s overall security posture.
  • Ensure security processes are executed consistently, documented appropriately, and tracked through their full lifecycle.
  • Serve as a liaison between security, IT, project teams, and business stakeholders on governance‑related security activities.
  • Coordinate SA&A activities in accordance with Government of Canada security frameworks (e.g. ITSG‑33).
  • Support assessment tracking, documentation management, evidence collection and re-certification cycles.
  • Maintain records of findings, risks and remediation activities and support follow-up tracking as required.
  • Support lifecycle management for systems requiring ongoing security authorization.
  • Own and manage personnel security clearance processes including initiation, tracking, renewals and changes and coordinate guest access and visitor clearance verification.
  • Maintain authoritative clearance records and ensure continuity of clearance-related processes.
  • Provide governance and coordination support to security investigations, which includes gathering, organizing, and collating investigation‑related information and stakeholder inputs.
  • Maintain investigation records and documentation in accordance with policy and support post-investigation follow-ups.
  • Manage security governance workflows for exceptions to established security processes (ex. USB transfers or controlled data handling).
  • Track approvals, conditions, expirations, and compensating controls, ensuring exceptions are documented, reviewed, and re‑assessed as required.
  • Provide project management and coordination support to security initiatives, such as Threat Vulnerability Risk Assessments (TVRA), email phishing programs and security awareness or compliance initiatives and support reporting and status updates to security leadership.
  • Maintain and improve security governance documentation, including process descriptions, templates and tracking artefacts.
  • Identify gaps, inefficiencies, or risks in existing governance workflows and propose improvements, ensure documentation aligns with policy and audit expectations.

Benefits

  • Basic paid group insurance for you and your family: medical, dental, life, disability, etc.
  • Access to wellness and health accounts to support your lifestyle.
  • Flex-Alto account of $500 to encourage a healthier approach and a more sustainable mode of transportation.
  • A retirement plan and savings options (RRSP and TFSA).
  • Vacations based on experience, available upon hiring.
  • An incentive compensation program.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service