Security Analyst - Security & Governance Compliance

Staples Canada, Richmond Hill, ON
Onsite

About The Position

The Security Analyst, Security Risk & Compliance will support the management and continuous improvement of Staples Canada’s PCI compliance program and broader cybersecurity risk activities. This role will work closely with cybersecurity, technology, audit, and business stakeholders to coordinate PCI compliance tasks, gather evidence, track remediation activities, support security projects, and help business teams understand PCI and cyber-risk requirements.

Requirements

  • Diploma or degree in cybersecurity, IT, computer science, risk management, or a related field; equivalent experience may be considered.
  • 2–4 years of experience in cybersecurity, IT risk, compliance, audit, or technology.
  • Experience supporting assessments, audits, control testing, compliance activities, and evidence collection.
  • Basic understanding of cybersecurity risk, compliance, and frameworks such as PCI DSS, NIST CSF, ISO 27001, SOC 2, or CIS Controls.
  • Strong documentation, analytical, communication, and stakeholder coordination skills.
  • Ability to track risks, issues, action items, remediation plans, and compliance evidence.
  • Experience with tools such as Microsoft Office, SharePoint, Teams, ServiceNow, Jira, or Confluence.

Nice To Haves

  • Retail, payment, PCI, or relevant certifications are assets.

Responsibilities

  • Support the development, review, approval, communication, and refresh of information security and risk management policies.
  • Maintain policy repositories and assist with governance reporting, metrics, and committee materials.
  • Participate in enterprise and IT risk assessments, including risk identification, scoring, documentation, and mitigation tracking.
  • Support risk workshops, maintain risk registers, and follow up on remediation activities with business and technology teams.
  • Support compliance programs aligned to frameworks such as SOC 1/SOC 2, ISO/IEC 27001, PCI DSS, NIST CSF, and NIST 800-53.
  • Assist with audits, evidence collection, control testing, issue tracking, and security/compliance inquiries.
  • Support vendor risk assessments, evidence reviews, issue tracking, and coordination with procurement, legal, and security teams.
  • Identify opportunities to improve GRC processes, documentation, and tooling, and support GRC platform maintenance.

Benefits

  • Associate discount
  • Health and Dental benefits
  • RRSP/DPSP
  • Performance bonuses
  • Learning & Development programs