Habitat Learn logo
Habitat Learn

Our philosophy is simple, design for the future, for everyone.

Security and Compliance Associate

Security EngineerSecurity EngineerPart TimeRemoteMid LevelTeam 201-500H1B No SponsorCompany SiteLinkedIn

Location

Canada

Posted

3 days ago

Salary

0

Seniority

Mid Level

Bachelor DegreeEnglishCyber Security

Job Description

Security and Compliance Associate

Habitat Learn

• Support ongoing compliance activities across SOC 2, ISO 27001, HIPAA, HECVAT, and TX-RAMP • Collect, organize, and maintain audit evidence and security documentation • Help draft and maintain security policies, procedures, and internal standards • Complete security questionnaires and HECVAT submissions for institutional procurement • Maintain a compliance tracker and support audit readiness activities • Review findings from the Humber Digital Tech Hub cybersecurity assessment • Track remediation tasks and help coordinate follow-up with engineering and leadership • Support updates to the risk register and documentation of control gaps and resolutions • Act as an internal coordinator for progress tracking and reporting • Support user access controls, provisioning, and offboarding processes • Assist with vendor security reviews and BAA tracking • Help coordinate internal security awareness and training activities • Support Apple device management processes (MDM, Apple Business Manager) • Support responses to customer security reviews and procurement due diligence requests • Assist in preparing compliance and security status updates for leadership • Stay informed on relevant privacy and data protection regulations (FERPA, PIPEDA, etc.)

Job Requirements

  • Recent graduate (within 1–2 years) of a diploma or degree in Cybersecurity, Protection & Security Investigation, IT Security, Network Security, or a related field
  • Ontario institutions such as Humber Polytechnic, Seneca Polytechnic, George Brown College, or equivalent programs are strongly welcomed
  • Coursework in cybersecurity frameworks, risk management, or privacy law is an asset
  • Strong attention to detail and highly organized approach to documentation
  • Clear written communication skills (policy writing and institutional responses are key parts of the role)
  • Comfortable working independently in a fast-paced, evolving environment
  • Curious about security and privacy, with an interest in understanding underlying systems (not just processes)
  • Ability to manage multiple priorities and stay structured in a startup setting
  • Exposure to frameworks such as SOC 2, ISO 27001, NIST, HIPAA, or similar is a nice to have
  • Familiarity with Apple device management or enterprise IT environments
  • Entry-level certifications (e.g., CompTIA Security+, ISC2 CC)
  • Experience with tools such as Vanta, Drata, Notion, or Jira
  • Prior co-op, internship, or volunteer experience in IT, security, or compliance

Benefits

  • A meaningful first role with real ownership (not an internship-style support role)
  • Direct mentorship from the VP of Engineering and exposure to company leadership
  • Structured guidance through the Humber Digital Tech Hub cybersecurity assessment
  • Hands-on experience across multiple enterprise compliance frameworks
  • Exposure to real institutional procurement and security processes
  • A mission-driven product supporting accessibility in education
  • Remote Employment
  • Health Benefits

Related Categories

Related Job Pages

More Security Engineer Jobs

World Vision logo

Senior Manager – Network Security, Identity

World Vision

World Vision is an international, Christian humanitarian nonprofit organization that works to end poverty and promote justice. The organization, as an employer,

• Lead Pillar 2 within Global Technology Services (GTS) for global security, performance, and integrity of network infrastructure and identity services. • Manage a small, specialist team: Network Engineers, Network Tech Design Lead, IAM Engineers, and Endpoint Tech Design Lead. • Drive a security-first approach to network design and identity governance. • Oversee firewall configuration, VPN management, Zero Trust network access (ZTNA), and secure remote connectivity. • Define and enforce network security standards in alignment with WVI's GTD Governance framework and CIS Controls v8. • Lead IAM engineering delivery within P2, supporting WVI SDF IAM Programme.

Malaysia

Sr. Specialist Cybersecurity

Magna International

Founded in 1957, Magna International is now one of the largest automotive suppliers in the world. Headquartered in Aurora, Ontario, Canada, the company maintains more than 320 manu

Full TimeRemoteTeam 171,000Since 1957

Job descriptions may display in multiple languages based on your language selection. What we offer:At Magna, you can expect an engaging and dynamic environment where you can help to develop industry-leading automotive technologies. We invest in our employees, providing them with the support and resources they need to succeed. As a member of our global team, you can expect exciting, varied responsibilities as well as a wide range of development prospects. Because we believe that your career path should be as unique as you are. Group Summary:Transforming mobility. Making automotive technology that is smarter, cleaner, safer and lighter. That’s what we’re passionate about at Magna Powertrain, and we do it by creating world-class powertrain systems. We are a premier supplier for the global automotive industry with full capabilities in design, development, testing and manufacturing of complex powertrain systems. Our name stands for quality, environmental consciousness, and safety. Innovation is what drives us and we drive innovation. Dream big and create the future of mobility at Magna Powertrain. Job Responsibilities: POSITION SUMMARY: At Magna Powertrain, Cybersecurity is of the highest priority. The protection of our data, both internal and external, from threats is paramount to our success. The Sr. Specialist - Group Cybersecurity provides leadership, operational enforcement and monitoring of all Cybersecurity policies at the Group level, liaising closely with Corporate Information Security, IT and other related Functions. Magna Powertrain Global Cybersecurity covers 3 security domains related to Information Technology (IT), Operational Technology (OT), and Product Cybersecurity. The role of the Sr. Specialist - Group Cybersecurity is to ensure that all Cybersecurity requirements and protocols are effectively implemented across all locations. ESSENTIAL DUTIES & RESPONSIBILITIES: Serve as Cybersecurity leader in Magna Powertrain (MPT) for monitoring key security and compliance performance indicators (KPIs), analyze results, and drive corrective actions to address gaps and enhance organizational security posture. Provide guidance and expert advice to different business units in areas IT and OT as it relates to security operations and processes. Provide support for remediation of IT audit findings, collaborating with stakeholders to address identified gaps, monitor corrective actions, and ensure timely closure of audit issues. Assess risks for assets and services, and outline mitigation options and timelines. Conduct AI risk assessments to identify, evaluate, and mitigate potential threats associated with artificial intelligence systems and technologies, ensuring compliance with organizational standards Perform group risk monitoring activities, and assist divisions, in maintaining the respective divisional risk registers, ensuring accurate documentation and timely updates of identified risks. Coordinate OT security efforts by applying controls to safeguard critical assets, and advise on creating, updating, testing, and training disaster recovery and business continuity plans Support and continuously improve the Information Security Management System (ISMS) to ensure effective protection of organizational assets and compliance with relevant standards. Design and consolidate standardized security processes and associated procedures to be implemented across MPT Divisions Create awareness campaigns in partnership with Corporate Information Security and providing training The above is intended to describe the general content of and the requirements for the performance of this position. It is not to be construed as an exhaustive statement of duties, responsibilities, or requirements. QUALIFICATIONS: Bachelors of Science degree in Computer Science, Computer Security, Information Systems, or equivalent proof of baseline knowledge. Strong knowledge of various frameworks/regulations such as ISO 27001/2, TISAX, NIST 800-53, NIST Cybersecurity Framework, GDPR, SOX, ITIL, COBIT, COSO or similar. 8+ years of IT and security experience. Accredited certifications a plus, such as: CISA, CISSP, OSCP, CEH (Certified Ethical Hacker) Previous SOC / NOC experience a plus KEY BEHAVIORAL TRAITS FOR SUCCESS: Well-organized and structured; Able to demonstrate strong communication skills and consistently shares knowledge with colleagues, including maintaining clear and thorough documentation; exhibits self-drive and self-motivation by proactively taking initiative, setting high standards for personal achievement, and continuously seeking opportunities to enhance performance and contribute to team success. Technical/Functional Expertise: Able to demonstrate mastery of the technical/functional skills necessary for performing own job; maintain state-of-the-art knowledge of the advances in field; regularly publish or present on leading-edge issues; conduct leading-edge research or similar work that has organization-wide impact; play a key role in advancements in profession. Flexibility & Achieving Change: Able to positively deal with changes that affect job requirements; adapt to shifting priorities in response to the needs of internal and external customers; quickly recognize situations/conditions where change is needed; work to clarify situations where information, instructions, or objectives are ambiguous; support organizational change. Problem Solving & Analysis: Able to gather appropriate data and diagnose the cause of a problem before taking action; separate causes from symptoms; apply lessons learned from others who encountered similar problems or challenges; anticipate problems and develop contingency plans to deal with them; develop and evaluate alternative courses of action. Creativity & Innovation: Able to generate creative ideas to solve problems and improve work methods; apply novel approaches to situations; independently apply professional expertise in ways that are unique or innovative; collaborate with team members to brainstorm creative approaches; rethink situations to create new opportunities or overcome obstacles. Work Environment: - Office Environment Magna Standards: - Follow Magna’s Code of Conduct and Ethics and related compliance policies. - Supports and adheres to policies, procedures, and operational guidelines related to established quality management system (IATF 16949). - Practice and maintain integrity while following Magna’s Charter and Constitution. - Drive the development of new technologies to improve quality, efficiency and reduce cost. - Comply with safety policies and procedures to ensure duties of self are performed in a safe manner. - Health & Safety responsibilities: - Understand applicable Environmental, Health & Safety policies and procedures in the workplace. - Report unsafe conditions immediately. - Report injuries, accidents, illnesses, near misses, property damage immediately. - Follow safety rules. - Comply with requirements for the use or operation of machines or equipment. - Comply with Personal Protective Equipment (PPE) requirements. - Create a positive work environment by demonstrating and sharing functional/technical knowledge. - Develop and maintain a responsive and cooperative working relationship with internal and external customers. - Treat everyone with dignity, trust and respect. - Complete additional duties and responsibilities as assigned. - Comply with Magna’s information and data protection policies. The above is intended to describe the general content of and the requirements for the performance of this position. It is not to be construed as an exhaustive statement of duties, responsibilities, or requirements. This job description reflects the core elements of a position. There may be additional requirements based on local laws and regulations which could be attached as an addendum. Awareness, Unity, Empowerment:At Magna, we believe that a diverse workforce is critical to our success. That’s why we are proud to be an equal opportunity employer. We hire on the basis of experience and qualifications, and in consideration of job requirements, regardless of, in particular, color, ancestry, religion, gender, origin, sexual orientation, age, citizenship, marital status, disability or gender identity. Magna takes the privacy of your personal information seriously. We discourage you from sending applications via email or traditional mail to comply with GDPR requirements and your local Data Privacy Law. AI-Assisted Screening Disclosure As part of our commitment to a fair, consistent, and efficient recruitment process, we may use artificial intelligence (AI) tools to assist in the initial screening of applications submitted through our Workday system. These tools help identify qualifications and experience that align with the role requirements. Please note that AI is used solely to support our recruiters. Final decisions are always made by the hiring manager and the hiring team. Importantly, no applicant data is shared externally through these AI tools. All information remains securely within our systems and is handled in accordance with our privacy and data protection policies. Under conditions defined by applicable law, you may have the right to request an explanation of how AI is used to support decision-making. If you have any questions or concerns about this process, feel free to contact our Talent Attraction team. Worker Type: Regular / Permanent Group: Magna Powertrain

Michigan + 2 moreAll locations: Michigan | Canada | Mexico

Director, IT Governance, Risk & Compliance

Mission Critical Group

Mission Critical Group (MCG) is an end-to-end power solutions and services provider that accelerates time-to-power and delivers scalable, resilient infrastructure for mission critical environments. By integrating engineering, manufacturing, modular deployment, and lifecycle services under one platform, we streamline execution and bring complex projects online faster - without compromising performance. With more than 1.5 million square feet of U.S. manufacturing capacity, MCG supports data centers, power generation, healthcare, oil & gas, pharmaceuticals, semiconductors, and industrial facilities where uptime is non-negotiable. Mission Critical Group designs, manufactures and provides value-added services for customers requiring critical power solutions. Powering a new electric world for a brighter, more secure future.

Role Description - Develop and maintain the enterprise IT GRC strategy, framework, and roadmap. - Establish governance structures, policies, standards, and procedures for IT and cybersecurity. - Present risk, compliance, and governance updates to executive leadership and governance committees. - Align IT risk management initiatives with business objectives and organizational priorities. - Drive continuous improvement of governance and control processes. Risk Management - Lead enterprise IT risk assessments and risk treatment programs. - Identify, assess, monitor, and report technology and cybersecurity risks. - Maintain IT risk registers and oversee remediation efforts. - Facilitate third-party/vendor risk management programs. - Develop key risk indicators (KRIs) and risk reporting metrics. Compliance Management - Ensure compliance with applicable regulations and frameworks such as: - NIST Cybersecurity Framework (CSF) - NIST 800-53 - ISO 27001 - SOC 1 / SOC 2 - PCI-DSS - HIPAA - GDPR - SOX IT General Controls (ITGC) - CIS Controls - Manage compliance assessments, audits, and certification activities. - Track regulatory changes and evaluate organizational impact. - Coordinate remediation plans for compliance findings. Audit & Controls - Serve as the primary liaison for internal and external auditors. - Develop and maintain IT control frameworks and documentation. - Oversee testing of IT General Controls (ITGCs) and security controls. - Monitor corrective actions resulting from audits and assessments. - Ensure evidence collection and audit readiness across IT functions. Security Governance - Collaborate with cybersecurity leadership on security governance initiatives. - Support security awareness and policy compliance programs. - Measure control effectiveness through metrics and reporting. - Participate in incident response reviews and post-incident risk assessments. - Promote a culture of security and accountability throughout the organization. Leadership & Team Management - Build, mentor, and lead IT GRC professionals. - Establish departmental goals, KPIs, and performance metrics. - Manage GRC budgets, vendors, and consulting engagements. - Foster collaboration among IT, Security, Legal, Privacy, Internal Audit, and business units. Qualifications - Bachelor's degree in Information Technology, Cybersecurity, Information Systems, Risk Management, Business Administration, or related field. - Master's degree preferred. - 10+ years of progressive IT, cybersecurity, audit, risk, or compliance experience. - 5+ years in a leadership or management role. - Experience leading enterprise GRC programs. - Demonstrated experience with regulatory compliance and security frameworks. - Experience working with executive leadership and audit committees. Requirements - CISSP (Certified Information Systems Security Professional) - CISM (Certified Information Security Manager) - CRISC (Certified in Risk and Information Systems Control) - CGEIT (Certified in Governance of Enterprise IT) - CISA (Certified Information Systems Auditor) - ISO 27001 Lead Auditor or Lead Implementer Benefits - Enterprise Risk Management (ERM) - IT Governance Frameworks - Cybersecurity Risk Assessment Methodologies - Audit and Control Testing - Third-Party Risk Management - Policy Development and Management - Security and Compliance Monitoring Tools - Governance, Risk & Compliance Platforms (Archer, ServiceNow GRC, OneTrust, AuditBoard, LogicGate, etc.) - Metrics, Reporting, and Executive Dashboard Development Additional Information - A Note to our Recruitment Partners: We really appreciate the interest, but MCG currently manages hiring through our internal team. We love getting to know our candidates directly! Because of this, we don’t accept unsolicited resumes from agencies at this time. If we ever need an extra hand, we’ll be sure to reach out to the community. Thanks for understanding! - MCG is an equal opportunity employer prohibiting discrimination based on race, color, creed, religion, sex, marital status, physical or mental disability, and any other protected classes stated by applicable federal and state laws. - DVM is committed to providing equal employment opportunities to qualified individuals with disabilities and to act in accordance with regulations and guidance issued by the Equal Employment Opportunity Commission (EEOC).

United States
Akima, LLC logo

Security Specialist

Akima, LLC

Akima Intra-Data (AID), an Akima company, is not just another federal logistics services provider. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska. At AID, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States. For our shareholders, AID provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years. For our government customers, AID delivers flexible, full-spectrum facilities, maintenance, and repair and logistics services that enable our customers to reduce operating costs, improve productivity, and enhance the value of their existing assets. As an AID employee, you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options.

Full TimeRemoteTeam 501-1,000

Role Description AFO is looking for a Security Specialist to work in Chambersburg, PA. The Security Assistant supports personnel security, onboarding, and access control functions at Letterkenny Army Depot. This role manages the administrative processing of new applicants, including initiation of background checks, coordination of security documentation, and issuance of depot access badges and CAC/ID cards. The Security Assistant ensures all onboarding actions comply with Army, DoD, and depot-level security policies, enabling newly hired personnel to enter the installation and begin work safely and efficiently. Responsibilities: - Manage the administrative onboarding process for new hires, contractors, and visitors requiring access to LEAD. - Prepare, review, and submit required personnel security documents, background check requests, and onboarding packets in accordance with DoD and depot procedures. - Coordinate with applicants to collect documentation, schedule appointments, and resolve missing or incomplete information. - Process and issue installation access badges, CAC cards (if applicable), and visitor passes using approved systems and protocols. - Maintain accurate security files and electronic records, ensuring compliance with Army and DoD privacy and data-handling requirements. - Serve as the primary point of contact for applicants and internal staff regarding onboarding status, badge issuance, and access requirements. - Track and maintain badge inventories, expiration dates, and revocations; ensure timely renewal and deactivation of credentials. - Assist with depot access roster updates, visitor authorizations, and security reporting requirements. - Coordinate closely with LEAD Security Office personnel, HR staff, and program leadership to ensure seamless onboarding. - Provide administrative support to the security team, including data entry, correspondence preparation, and record audits. Qualifications - High school diploma or equivalent; associate degree preferred. - 2+ years of administrative, personnel security, HR onboarding, or customer service experience. - Familiarity with DoD, Army, or federal personnel security processes preferred (e.g., eQIP/DISS, background check systems). - Strong organizational skills with the ability to manage high-volume onboarding workflows. - Excellent communication and customer-service skills, with the ability to work professionally with applicants at all levels. - High attention to detail and strict adherence to data accuracy and privacy requirements. - Proficiency with Microsoft Office Suite and administrative tracking systems. Requirements - Job ID: 2026-23997 - Work Type: Remote - Pay Range: $30-38/hr - Health & Welfare: $5.09 Benefits - The company offers a comprehensive benefits program, including medical, dental, vision, life insurance, 401(k) and a range of other voluntary benefits. - Vacation, holiday and sick Leave offered will be as defined under the DOL's Wage Determination. Company Description Work Where it Matters Akima Facilities Operations (AFO), an Akima company, is not just another federal facilities contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska. At AFO, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States. - AFO provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years. - AFO sustains mission readiness and ensures quality of life by maintaining high value assets and operations at peak performance and successfully manages these operations through accurately forecasting, managing, and aggressively controlling costs. - As an AFO employee, you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. - You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options.

United States
$30 - $38 / hour