Location: Canada (Remote)

Salary: $85,000 - $110,000 CAD

Our GRC Consulting practice helps organisations strengthen their security posture and achieve compliance through clear, structured and practical guidance. We work with clients at different stages of maturity, from building foundational security programmes to operating mature, scalable compliance functions.

This is a client-facing, delivery-led role for an experienced security and compliance professional who can lead engagements, own client relationships and provide high-quality advisory services. You will play a key role in shaping client outcomes, mentoring junior team members, and helping evolve our GRC delivery capability.

As a Senior Information Security Consultant, you will take responsibility for designing and delivering GRC engagements end-to-end. You will translate regulatory and framework requirements into practical, business-aligned solutions, guide clients through complex compliance challenges, and act as a trusted advisor to technical and non-technical stakeholders alike.

This role suits someone who combines strong technical GRC knowledge with consulting experience, confidence in client delivery, and a desire to raise the standard of security governance across organisations.

Key Responsibilities

Client Leadership & Delivery

• Lead and deliver GRC consulting engagements across a range of clients and industries.
• Act as the primary point of contact for assigned clients, owning delivery quality and client satisfaction.
• Design and implement GRC programmes aligned to frameworks such as ISO 27001, SOC 2, NIST, and related standards.
• Lead security posture assessments, gap analyses, and maturity reviews.
• Develop practical remediation roadmaps and guide clients through implementation.
• Support clients through audit preparation, certification, and external assessments.
• Facilitate client workshops, risk assessments and stakeholder sessions with confidence and authority.

Advisory & Technical Expertise

• Provide expert guidance on security governance, risk management, and compliance strategy.
• Interpret standards and regulations and translate them into pragmatic, business-focused solutions.
• Advise clients on control design, operating models, and sustainable compliance practices.
• Support the development of client security documentation including policies, procedures, risk registers, control frameworks and governance models.
• Help clients embed compliance into operational and technical processes rather than treating it as a one-off activity.

Quality & Delivery Excellence

• Own the quality of client deliverables, ensuring accuracy, clarity and consistency with internal standards.
• Review and provide constructive feedback on work produced by junior consultants and analysts.
• Continuously improve delivery playbooks, templates, and methodologies.
• Ensure engagements are delivered on time, within scope, and to a high professional standard.

Team Leadership & Mentorship

• Mentor and support junior team members, accelerating their technical and consulting development.
• Provide guidance, coaching, and informal line management support where required.
• Act as a role model for consulting best practice and professional conduct.
• Contribute to building a collaborative, high-performing team culture.

Operational Improvement & Practice Growth

• Identify opportunities to improve delivery efficiency, tooling, and ways of working.
• Contribute to the development of a scalable and repeatable GRC consulting model.
• Support pre-sales activity where required, including scoping, proposal input and client discovery sessions.
• Help shape the strategic direction of the GRC practice through feedback and innovation.

Requirements

• 5+ years’ experience in security, risk, compliance, or GRC-focused roles.
• Strong practical experience with one or more frameworks such as ISO 27001, SOC 2, NIST, or similar.
• Proven experience delivering client-facing GRC or compliance engagements.
• Confidence leading client meetings, workshops, and complex discussions.
• Ability to design security governance and compliance programmes, not just implement them.
• Strong written communication skills, with experience producing high-quality client documentation.
• Experience mentoring or supporting the development of junior team members.
• Strong organisational skills and ability to manage multiple engagements and priorities.
• A pragmatic, solutions-focused mindset with an understanding of business realities.
• Consulting experience is highly desirable.

If you think you can deliver but don't match the criteria above, please don't be put off. We are very open-minded and focus on ability and attitude above skills.

What We Offer

• Annual Leave: days per year, plus Canadian bank holidays
• Additional Leave: 1 day of paid leave on your Birthday!
• Professional Development: $4,000 CAD annual training budget to support your continued learning and career growth
• A dynamic and supportive work environment where customer care and innovation drive everything we do
• Refer-a-friend bonus scheme (up to $4,000 CAD)

Why Join Us?

At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact for our clients. We'd love to hear from you if you want to challenge, lead and innovate!

We're not just about the work; we're about the people. Join a team where innovation is celebrated, and your contributions are valued. We foster a collaborative environment where fresh ideas thrive, and professional growth is encouraged.

Applications

Please feel free to reach out to Andrea, our Senior Recruiter, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – hiring@cognisys.group

Please note: We’re always happy to help with questions, but to keep our process fair for everyone, we’re unable to accept applications via email - please apply directly through the job advert page.

We welcome applications from candidates from diverse backgrounds and can make various reasonable adjustments to accommodate individual needs.

NO RECRUITMENT AGENCIES, PLEASE