Security Analyst. Remote, Canada

Security, Risk & PCI Compliance · Mississauga, Ontario
Department Security, Risk & PCI Compliance
Employment Type Full-time
Minimum Experience Mid-level
Compensation To be negotiated

We’re looking for talented security specialists to grow our team. If you’re an Information Security Analyst or Specialist and look forward to working in challenging and changing environments, we have an excellent opportunity for you.

As part of the Control Gap team, you’ll work with high-profile clients in various industries and collaborate with a team of highly-skilled security consultants on challenging projects, large and small. We analyse, assess and design effective security controls to help clients achieve Payment Card Industry (PCI) compliance, privacy compliance, and to improve enterprise-wide security.

As a subject matter expert, you’ll work within our team to input and help advise clients on data security to help prevent potential security breaches before they occur. We provide services onsite at our client sites and also remotely, therefore some travel should be expected.

We value strong knowledge of information security controls and principles, privacy frameworks, the Payment Card Industry Data Security Standard (PCI DSS). You also must have exceptional written and verbal skills with real world work experience as an information security analyst or specialist.

Our intent is to have you grow with us while, if you desire, working towards being a well rounded security consultant and to obtain the elite Payment Card Industry Qualified Security Assessor (PCI QSA) certification, and other valuable industry security and audit related certifications.

Our people are our most valuable assets and we believe in fostering career development and growth opportunities for every individual on our team. We also offer a competitive benefits package and an excellent work environment that encourages team work. 


  • Assisting with conducting various information security, compliance assessments, analyses, and providing advice and consultation (e.g. Report on Compliance, Risk Assessments, Gap Analysis, and more)
  • Assisting with creating professional reports for our clients that detail your assessment findings, and your advice
  • Assisting with consulting with clients to help them understand our findings and their remediation options
  • Assisting with providing advisory and input on security architecture with regards to PCI, Privacy, and Cyber Security
  • Assisting our sales team with pre-sales activities, proposal creation, needs analysis, and solution design
  • Attending industry events and webinars
  • Working with multiple clients on a number of projects
  • Writing summaries and executive briefs
  • Travel to company offices and client work sites across Canada 

Education and Work Experience:

  • Degree in Information Security or related field is an asset
  • Minimum 2 years of experience in an Information Technology field
  • Minimum 2 years of experience working in Information Security domains
  • Minimum 2 years of experience measuring security controls, IT auditing, business processes, providing advice, and/or related security consulting experience

Industry Certifications:

  • CISA and/or CISSP certifications is required, or must be in progress
  • PCI QSA, PCI PA-QSA, PCI ISA, and/or PCIP, is an asset
  • Multiple industry certifications in the Information Security/Audit is an asset

Technical Skills:

  • Familiarity with as much of the following, or the eagerness to learn and to be proficient in these areas
  • Familiarity with Information Technology systems
  • Familiarity with various information security concepts, including; network and wireless security, application security, industry best practices, systems hardening, data encryption, data privacy, incident response, business continuity, physical security, risk assessments, vulnerability scanning, penetration testing, file integrity monitoring, log monitoring, and documented security governance controls (i.e. policies, processes, standards, procedures).
  • Familiarity with a variety of security products and technologies
  • Familiarity with industry best practices and standards such as CIS and NIST, including security hardening techniques
  • Understanding of Unix, Linux, Windows and database server configurations
  • Understanding of networking systems configurations, including firewalls
  • Understanding of application architecture, software development lifecycle processes, including secure coding techniques
  • Understanding of server virtualization technologies
  • Understanding of cloud platforms and technologies

Soft Skills:

  • Exceptional customer service, communication and interpersonal skills
  • Strong written and verbal communication skills.
  • Strong organizational skills
  • Strong time management skills
  • Honesty and integrity
  • Dedication to providing solutions to meet or exceed client's needs and expectations
  • Ability to handle challenges and project work loads


  • Company paid medical and dental benefits and wellness plan
  • Company paid cellular phone, phone service, and data plan
  • RRSP contribution
  • Company paid continuing professional education and certification maintenance 
  • 4 weeks of paid vacation, with 5 weeks of paid vacation after 5 years of service 
  • Company team building events every 2 months 
  • Competitive compensation with bonus structure 



  • You must be located within reasonable travelling distance of the Control Gap Headquarters in Mississauga, Ontario, Canada
  • You must possess reliable transportation to travel to company offices and to client work sites
  • Flexible work options, including working from home

To learn more about Control Gap please review our website:

Thank You

Your application was submitted successfully.

  • Location
    Mississauga, Ontario
  • Department
    Security, Risk & PCI Compliance
  • Employment Type
  • Minimum Experience
  • Compensation
    To be negotiated