Senior Information Security Consultant - Canada (SMB)

About The Position

Requirements

• 5+ years’ experience in security, risk, compliance, or GRC-focused roles.
• Strong practical experience with one or more frameworks such as ISO 27001, SOC 2, NIST, or similar.
• Proven experience delivering client-facing GRC or compliance engagements.
• Confidence leading client meetings, workshops, and complex discussions.
• Ability to design security governance and compliance programmes, not just implement them.
• Strong written communication skills, with experience producing high-quality client documentation.
• Experience mentoring or supporting the development of junior team members.
• Strong organisational skills and ability to manage multiple engagements and priorities.
• A pragmatic, solutions-focused mindset with an understanding of business realities.
• Consulting experience is highly desirable.
• If you think you can deliver but don't match the criteria above, please don't be put off. We are very open-minded and focus on ability and attitude above skills.

Responsibilities

• Lead and deliver GRC consulting engagements across a range of clients and industries.
• Act as the primary point of contact for assigned clients, owning delivery quality and client satisfaction.
• Design and implement GRC programmes aligned to frameworks such as ISO 27001, SOC 2, NIST, and related standards.
• Lead security posture assessments, gap analyses, and maturity reviews.
• Develop practical remediation roadmaps and guide clients through implementation.
• Support clients through audit preparation, certification, and external assessments.
• Facilitate client workshops, risk assessments and stakeholder sessions with confidence and authority.
• Provide expert guidance on security governance, risk management, and compliance strategy.
• Interpret standards and regulations and translate them into pragmatic, business-focused solutions.
• Advise clients on control design, operating models, and sustainable compliance practices.
• Support the development of client security documentation including policies, procedures, risk registers, control frameworks and governance models.
• Help clients embed compliance into operational and technical processes rather than treating it as a one-off activity.
• Own the quality of client deliverables, ensuring accuracy, clarity and consistency with internal standards.
• Review and provide constructive feedback on work produced by junior consultants and analysts.
• Continuously improve delivery playbooks, templates, and methodologies.
• Ensure engagements are delivered on time, within scope, and to a high professional standard.
• Mentor and support junior team members, accelerating their technical and consulting development.
• Provide guidance, coaching, and informal line management support where required.
• Act as a role model for consulting best practice and professional conduct.
• Contribute to building a collaborative, high-performing team culture.
• Identify opportunities to improve delivery efficiency, tooling, and ways of working.
• Contribute to the development of a scalable and repeatable GRC consulting model.
• Support pre-sales activity where required, including scoping, proposal input and client discovery sessions.
• Help shape the strategic direction of the GRC practice through feedback and innovation.

Benefits

• Annual Leave: days per year, plus Canadian bank holidays
• Additional Leave: 1 day of paid leave on your Birthday!
• Professional Development: $4,000 CAD annual training budget to support your continued learning and career growth
• A dynamic and supportive work environment where customer care and innovation drive everything we do
• Refer-a-friend bonus scheme (up to $4,000 CAD)