Cybersecurity Senior Analyst

Saputo Inc.Georgetown, ON
CA$88,140 - CA$115,685Hybrid

About The Position

Saputo is seeking a Cybersecurity Senior Analyst to join its Cybersecurity team and report to the IT Cybersecurity Manager. The senior analyst will collaborate closely with IT and OT department for the awareness, Digital, Legal, Privacy, Procurement, Internal Audit, Risk Management, Human Resources, and business stakeholders to strengthen Saputo's cybersecurity posture. The Cybersecurity Senior Analyst will lead and continuously improve several strategic cybersecurity functions, including: Cybersecurity Governance and Policy Management, Cybersecurity Awareness and Culture Development, Third-Party Risk Management (TPRM), TPRM Platform Administration (Archer), and Cybersecurity Program Reporting and Executive Communications. The individual will collaborate closely with IT, Digital, Legal, Privacy, Procurement, Internal Audit, Risk Management, Human Resources, and business stakeholders to strengthen Saputo's cybersecurity posture and ensure compliance with internal requirements and external regulations. As many operational cybersecurity activities are performed by managed security service providers and external partners, the Senior Analyst will provide governance, oversight, quality assurance, and continuous improvement recommendations to ensure the effectiveness of delivered services. This role also requires strong communication and presentation skills to develop executive dashboards, reports, and presentations for senior leadership, the Security Committee, and the Audit Committee.

Requirements

  • Bachelor’s degree in information security, Computer Science, Information Technology or related field.
  • Minimum 4 years of experience in cybersecurity, governance, risk management, consulting, or security operations.
  • Able to communicate effectively with technical and non-technical stakeholders.
  • Strong analytical, organizational, and problem-solving capabilities.
  • Experience managing multiple initiatives in a fast-paced environment.
  • Cybersecurity frameworks (NIST CSF, ISO 27001).
  • Third-Party Risk Management and security assessments.
  • Governance, Risk and Compliance (GRC) platforms Archer.
  • Compliance
  • Risk management and policy development
  • Cybersecurity metrics, dashboards, and executive reporting.
  • Excellent French and English written and verbal communication skills.

Nice To Haves

  • Microsoft 365, Purview, cloud security, and SaaS security concepts are assets.
  • As part of their duties, the position holder will be required to communicate and collaborate in English and French, both orally and in writing, with colleagues or other stakeholders located in Québec, elsewhere in Canada, or across North America.

Responsibilities

  • Develop, maintain, and review cybersecurity policies, standards, and procedures.
  • Ensure alignment with regulatory requirements and industry frameworks (NIST, ISO 27001).
  • Support audits and cybersecurity governance initiatives.
  • Promote policy awareness and adoption across the organization.
  • Develop and maintain Saputo's IT and OT cybersecurity awareness strategy and roadmap.
  • Design and deliver awareness campaigns, phishing simulations, and role-based training.
  • Collaborate with HR and Communications to foster a strong security culture.
  • Measure program effectiveness through KPIs and recommend improvements.
  • Report awareness program performance to management and governance committees.
  • Identify opportunities to improve cybersecurity culture and employee engagement.
  • Conduct cybersecurity assessments of third-party vendors and SaaS providers.
  • Review vendor security controls, certifications, and compliance documentation.
  • Identify and communicate risks, remediation requirements, and recommendations.
  • Support ongoing vendor monitoring and annual reassessments.
  • Collaborate with Procurement, Legal, Privacy, and IT stakeholders throughout the vendor lifecycle.
  • Act as the primary subject matter expert (SME) for the Archer GRC platform.
  • Configure and maintain questionnaires, workflows, dashboards, and reports.
  • Identify opportunities to automate and improve cybersecurity governance processes.
  • Maintain the Archer enhancement roadmap and manage platform improvements.
  • Develop cybersecurity metrics, dashboards, and executive reports.
  • Prepare presentations for senior leadership, Security Committees, and Audit Committees.
  • Provide oversight of cybersecurity services delivered by external partners and managed service providers.

Benefits

  • Generous and complete benefit coverage with group insurance
  • Group retirement plan with employer contribution
  • Telemedicine and assistance program for employees and their families
  • Employee Share Ownership Plan with an employer match
  • Paid Parental Leave program
  • Paid time off: Sick days, floater days and volunteer day off
  • Opportunity to contribute to a collective RRSP & TFSA
  • Training and development programs
  • Saputo Flex Program, flexible work environment (schedule/location/time off) according to department needs
  • Organized activities for employees and their families
  • Advantageous discounts on Saputo products
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service