Job Title

Join to apply for the Cybersecurity Risk Analyst role at Rexall Pharmacy Group Ltd. Get AI-powered advice on this job and more exclusive features. Total rewards package meant to enhance your work-life flexibility Fully utilizing your talent Professional growth and development via challenging projects and assignments Warm and fuzzy feelings knowing you have helped your community, your team, the business and social causes through the Rexall Care Network What You Are Looking For Total rewards package meant to enhance your work-life flexibility Fully utilizing your talent Professional growth and development via challenging projects and assignments Warm and fuzzy feelings knowing you have helped your community, your team, the business and social causes through the Rexall Care Network Reporting to the Manager, Cybersecurity Risk Management and Compliance, the Cybersecurity Risk Analyst supports the Cybersecurity Risk Management & Compliance Manager in implementing and maintaining the organizations cybersecurity governance, risk, and compliance (GRC) program. This role is responsible for assisting in the development and enforcement of information security policies, conducting vendor security reviews, managing periodic control assessments, supporting compliance initiatives (such as PCI DSS), coordinating security awareness activities, and helping ensure that cybersecurity risks are identified and managed effectively across the enterprise. What Youll Be Doing Support the execution of the organizations cybersecurity risk management process, including identification, assessment, tracking, and mitigation of security risks. Assist with maintaining compliance with security frameworks and regulatory standards (e.g., PCI DSS, PIPEDA, NIST CSF, ISO 27001, CIS Controls) Collect and organize audit evidence for internal and external audits; follow up on remediation activities for identified findings. Conduct vendor risk assessments (VRA) by reviewing security documentation, questionnaires, and controls, and track remediation actions. Maintain and update the information security and privacy application inventory, ensuring classification and ownership are accurate. Assist in the development, review, and communication of security policies, standards, and procedures. Help ensure policies remain current with regulatory and industry best practices. Track compliance exceptions and coordinate corrective actions Support the organizations cybersecurity awareness and phishing simulation programs, including tracking participation and metrics Develop and distribute awareness materials, newsletters, or campaigns in collaboration with the Cybersecurity team Conduct quarterly user access reviews, firewall rule reviews, and other periodic control checks Document and track control findings and remediation plans Prepare summary reports for management review Support the security incident response process, including evidence collection, documentation, and post-incident review Participate in annual tabletop exercises and help update response playbooks as needed Assist in preparing security metrics, dashboards, and risk reports for management. Monitor industry developments, threat trends, and emerging regulations to support continuous program improvement Work in a cooperative manner with the IT Organization Perform other duties as assigned to support Rexall Pharmacy Group Ltd. Knowledge, Skills And Experience Bachelors degree in information security, Information Technology, Computer Science, or a related field. 25 years of experience in information security, IT audit, or risk and compliance roles Understanding of common cybersecurity frameworks (NIST, ISO 27001, CIS Controls, PCI DSS) Experience with security risk assessments, vendor risk reviews, or audit evidence collection Strong understanding of IT systems, cloud environments, network security, and data protection fundamentals Proficient in using GRC platforms or tracking spreadsheets for risk/compliance activities Familiarity with security tools and software such as SIEM (Security Information and Event Management) systems, vulnerability scanners, and penetration testing tools. Experience with cloud security and securing virtualized environments. Knowledge of regulatory compliance standards such as PIPEDA, or PCI DSS. Previous experience in incident response and handling security breaches. Systems administration experience, in UNIX, Networks and Windows is considered a strong asset. Excellent analytical and documentation skills with strong attention to detail Ability to communicate security and compliance concepts clearly to both technical and non-technical stakeholders Strong organizational and time management skills to manage multiple priorities Curious, proactive, and eager to learn across a broad range of cybersecurity domains. Strong integrity and professionalism when handling sensitive data or confidential assessments Team-oriented with a collaborative approach to solving problems. Ability to work independently under minimal supervision while meeting deadlines Strong customer service orientation. At Rexall, we are better together. We serve our customers, partners, and patients bestwe are our bestwhen everyone brings their true self to work. Our connected, inclusive culture celebrates our lived experiences, backgrounds, expertise, and self-expression to let us win as one team. Leveraging our differences distinguishes us and brings out our best performance. Rexall Pharmacy Group is committed to providing an accessible environment for all of our customers, employees, and job applicants. Rexall Pharmacy Group will make available to any selected applicants accommodations and/or accessible formats should they require. Candidates are encouraged to discuss any accommodation they may need in order to allow for the most effective selection process. Are you #ALLin? #J-18808-Ljbffr