Security Risk Analyst

Miller Thomson
Waterloo, ON
Hybrid

About The Position

As a recognized national law firm, we support, grow, and impact our communities through our work. We help entrepreneurs, companies, and professionals shape and build the Canadian economy. When you start a career with Miller Thomson, you join a firm that puts its people first. We provide the opportunity to influence the course of your career, community, and workplace with the support and backing of a national organization. While teamwork and collaboration are hallmarks of our culture, we accept and encourage individuality. You can expect a friendly, safe, and supportive environment where your colleagues will rally around to help you succeed. Find the spark that will propel your career to new heights. Apply today to join a firm that is dedicated to you.

We are seeking a Security Risk Analyst to join our team in any of our offices!

The Security Risk Analyst is responsible for identifying, assessing and supporting the management of information security risks across the Firm. Reporting to the Manager, Compliance & Risk, this role contributes to the Firm’s risk management program by evaluating technology risks, supporting control assessments and assisting in the development of mitigation strategies. The position exists to provide analytical and technical expertise in the assessment of risks related to systems, applications, data and third-party services.

The Security Risk Analyst works closely with IT teams, business stakeholders and vendors to identify vulnerabilities, assess potential impacts and ensure appropriate controls are in place. This role contributes to maintaining a secure and resilient technology environment by supporting risk assessments, monitoring risk activities and assisting in the continuous improvement of the Firm’s security posture. The Security Risk Analyst plays a key role in enabling informed decision-making related to risk and compliance.

Requirements

  • Bachelor's Degree in Information Security, Information Technology, Risk Management or a related discipline, or an equivalent combination of education and experience.
  • 3-5 years of experience in information security, risk analysis, compliance or related roles.
  • Experience supporting risk assessments or security programs in an enterprise environment.
  • Familiarity with information security frameworks (e.g., ISO 27001, NIST or similar).
  • Understanding of risk assessment methodologies and control frameworks.
  • Knowledge of common security risks, vulnerabilities and mitigation strategies.
  • Experience with risk registers, assessment tools and reporting practices.
  • Strong analytical and problem-solving skills.
  • Ability to interpret technical information and assess risk implications.
  • Strong attention to detail and organizational skills.
  • Excellent written and verbal communication skills.

Nice To Haves

  • Experience in a professional services organization is considered an asset.

Responsibilities

  • Identify and assess information security risks by evaluating systems, processes and technologies to determine potential vulnerabilities and impacts.
  • Analyze risk findings by documenting risk levels, control gaps and mitigation recommendations to support decision-making and risk tracking.
  • Support control reviews by assessing the design and effectiveness of security controls to ensure alignment with policies and standards.
  • Evaluate vendor and third-party risks by reviewing security documentation and assessing compliance with Firm requirements.
  • Maintain risk registers and track remediation activities by monitoring progress and ensuring timely resolution of identified risks.
  • Work with infrastructure, application and business teams to understand risks, recommend controls and support risk mitigation efforts.
  • Assist with audit and compliance initiatives by providing risk-related documentation, evidence and analysis.
  • Contribute to the improvement of risk management practices by identifying trends, recommending enhancements and supporting awareness initiatives.

Benefits

  • Health, Dental and Vision Care
  • Employee Assistance Program
  • Life Insurance
  • Short Term and Long Term Disability Insurance
  • 3+ Weeks’ Vacation
  • 10 Personal Days
  • A Diverse and Inclusive Workplace
  • Flexible working options
  • Maternity Leave Top-up
  • A Firm matching Group Retirement Savings plan
  • An individual TFSA with low fund management fees and competitive investment options
  • Employee Assistance Program to support you and your family
  • A wellness spending account to foster employee well-being
  • Professional Development opportunities
  • Employee appreciation events
  • Charitable giving programs