Job Description
About the Role:
The Threat, Risk, and Vulnerability Assessment (TRVA) Cyber Analyst plays a critical role in protecting ATCO's business by identifying, assessing, and helping mitigate cybersecurity risks across projects, vendors, and technology environments. Working closely with teams across the organization, this role supports cybersecurity risk assessments, compliance activities, and the development of policies, standards, and controls that strengthen ATCO's overall security posture. The TRVA Cyber Analyst collaborates with stakeholders across ATCO to enable secure, resilient operations. This position offers the opportunity to contribute to meaningful work, build strong partnerships, support continuous improvement, and help drive secure innovation across ATCO's global operations.
What You Get to Do:
• Conduct cybersecurity risk assessments for vendors, projects, systems, applications, and business initiatives.
• Document and communicate identified risks, impacts, remediation activities, and mitigation strategies to stakeholders.
• Validate risk assessment artifacts and collect supporting evidence for audits, assessments, and compliance activities.
• Assist with managing ATCO's IT and Corporate Risk Registers.
• Prepare risk and compliance presentations, quarterly reports, and metrics for leaders and executives.
• Provide advice on cybersecurity policies, standards, guidelines, procedures, and secure operational processes.
• Support cybersecurity compliance methodology aligned with NIST, industry regulations, and standards.
• Assist with internal and external audits, certifications, and compliance practices across the company.
• Assess cyber control effectiveness and recommend practical improvements to strengthen risk and compliance outcomes.
• Collaborate with technical and non-technical teams to support remediation, training, process improvements, and risk awareness.
What You Bring:
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity or related discipline
• 4+ years of cybersecurity risk management, analysis, and compliance experience in a complex IT environment.
• Knowledge of third-party vendor, project, IT, and systems risk assessment frameworks.
• Experience facilitating risk assessments, monitoring risks, and supporting enterprise tools and risk registers.
• Knowledge of cybersecurity, privacy, governance, and regulatory frameworks such as NIST, and ISO.
• Understanding of business processes, cybersecurity controls, cloud security principles, and industry best practices.
• Familiarity with TCP/IP, WAN/LAN concepts, operating systems, firewall, endpoint, and cloud security principles and tools.
• Strong analytical skills, with the ability to interpret complex data and translate audit requirements into security controls and frameworks.
• Clear written, verbal, and facilitation skills with technical teams, business leaders, legal professionals, and vendors.
• Ability to work with external vendors and suppliers to explain and demonstrate policy compliance.
• Detail-oriented, ethical, flexible, and self-driven.
• CISSP, CISM, CRISC and/or CISA designations are assets.
What We Offer:
• A culture based on caring, integrity, agility, collaboration, and striving for excellence
• Competitive compensation
• Flex benefits
• Tuition assistance program
• Training and mentorship programs
• Charitable donation matching
We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.