
Security and Compliance Associate
Posted Jun 30

Posted Jun 30
This is a fully remote position, open to applicants in Canada.
• Assist with ongoing compliance initiatives related to SOC 2, ISO 27001, HIPAA, HECVAT, and TX-RAMP.
• Gather, organize, and uphold audit evidence and security documentation.
• Aid in drafting and maintaining security policies, procedures, and internal standards.
• Complete security questionnaires and HECVAT submissions for institutional procurement processes.
• Maintain a compliance tracker and aid in audit readiness efforts.
• Review findings from the cybersecurity assessment conducted by the Humber Digital Tech Hub.
• Monitor remediation tasks and facilitate follow-up coordination with engineering and leadership.
• Support updates to the risk register and document control gaps along with their resolutions.
• Serve as an internal coordinator for tracking progress and reporting.
• Assist with user access controls, provisioning, and offboarding procedures.
• Help with vendor security reviews and Business Associate Agreement (BAA) tracking.
• Aid in organizing internal security awareness and training initiatives.
• Support Apple device management processes, including MDM and Apple Business Manager.
• Assist in responding to customer security reviews and procurement due diligence inquiries.
• Help prepare compliance and security status updates for leadership.
• Stay updated on relevant privacy and data protection laws (such as FERPA, PIPEDA, etc.).
• Recent graduate (within the last 1–2 years) of a diploma or degree program in Cybersecurity, Protection & Security Investigation, IT Security, Network Security, or a related discipline.
• Graduates from Ontario institutions such as Humber Polytechnic, Seneca Polytechnic, George Brown College, or equivalent programs are highly encouraged to apply.
• Coursework in cybersecurity frameworks, risk management, or privacy law is advantageous.
• Exceptional attention to detail and a highly organized approach to documentation.
• Strong written communication skills are essential, as policy writing and institutional responses are significant aspects of the role.
• Comfortable working autonomously in a fast-paced and evolving environment.
• A keen interest in security and privacy, with a desire to understand the underlying systems rather than just the processes.
• Ability to manage multiple priorities effectively and maintain structure within a startup atmosphere.
• Familiarity with frameworks such as SOC 2, ISO 27001, NIST, HIPAA, or similar is a plus.
• Knowledge of Apple device management or experience in enterprise IT environments.
• Entry-level certifications (e.g., CompTIA Security+, ISC2 CC) are preferred.
• Experience with tools such as Vanta, Drata, Notion, or Jira is beneficial.
• Previous co-op, internship, or volunteer experience in IT, security, or compliance is desirable.
• A significant first role that offers real ownership (as opposed to an internship-style support position).
• Direct mentorship from the VP of Engineering and opportunities to engage with company leadership.
• Structured guidance through the Humber Digital Tech Hub cybersecurity assessment process.
• Hands-on experience with various enterprise compliance frameworks.
• Insight into real institutional procurement and security operations.
• A mission-driven product that promotes accessibility in education.
• Remote work opportunities.
• Health benefits provided.
Baringa
Inetum
AddSales
IonQ
Get handpicked remote jobs straight to your inbox weekly.