Saputo Inc (SAP)

Cybersecurity Senior Analyst

Saputo Inc (SAP)$88K — $115K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor’s degree in information security, Computer Science or related field.
  • Minimum 4 years in cybersecurity, governance, risk management, or security operations.
  • Proficiency with NIST CSF and ISO 27001 frameworks.
  • Experience with Third-Party Risk Management and GRC platforms, particularly Archer.
  • Bilingual in English and French, with strong communication skills.

Responsibilities

  • Develop and review cybersecurity policies and ensure compliance with regulations.
  • Create and implement a cybersecurity awareness strategy and training programs.
  • Conduct cybersecurity assessments of third-party vendors and SaaS providers.
  • Administer the Archer GRC platform, including configuration and enhancements.
  • Generate executive reports and metrics on cybersecurity performance.

Benefits

  • Comprehensive benefit coverage through group insurance.
  • Employer-matched retirement plans and collective RRSP & TFSA options.
  • Telemedicine access and well-being programs for employees and families.
  • Flexible work environment via the Saputo Flex Program.
  • Paid time off for sick days, floater days, and volunteer work.
Full Job Description

Overview of the role:

Saputo is seeking a Cybersecurity Senior Analyst to join its Cybersecurity team and report to the IT Cybersecurity Manager.

The senior analyst will collaborate closely with IT and OT department for the awareness, Digital, Legal, Privacy, Procurement, Internal Audit, Risk Management, Human Resources, and business stakeholders to strengthen Saputo's cybersecurity posture.

The Cybersecurity Senior Analyst will lead and continuously improve several strategic cybersecurity functions, including:

•           Cybersecurity Governance and Policy Management

•           Cybersecurity Awareness and Culture Development

•           Third-Party Risk Management (TPRM)

•           TPRM Platform Administration (Archer)

•           Cybersecurity Program Reporting and Executive Communications

The individual will collaborate closely with IT, Digital, Legal, Privacy, Procurement, Internal Audit, Risk Management, Human Resources, and business stakeholders to strengthen Saputo's cybersecurity posture and ensure compliance with internal requirements and external regulations.

As many operational cybersecurity activities are performed by managed security service providers and external partners, the Senior Analyst will provide governance, oversight, quality assurance, and continuous improvement recommendations to ensure the effectiveness of delivered services.

This role also requires strong communication and presentation skills to develop executive dashboards, reports, and presentations for senior leadership, the Security Committee, and the Audit Committee.

How you will make contributions that matter:

Cybersecurity Governance

  • Develop, maintain, and review cybersecurity policies, standards, and procedures.
  • Ensure alignment with regulatory requirements and industry frameworks (NIST, ISO 27001).
  • Support audits and cybersecurity governance initiatives.
  • Promote policy awareness and adoption across the organization.

Cybersecurity Awareness

  • Develop and maintain Saputo's IT and OT cybersecurity awareness strategy and roadmap.
  • Design and deliver awareness campaigns, phishing simulations, and role-based training.
  • Collaborate with HR and Communications to foster a strong security culture.
  • Measure program effectiveness through KPIs and recommend improvements.
  • Report awareness program performance to management and governance committees
  • Identify opportunities to improve cybersecurity culture and employee engagement

.

Third-Party Risk Management

  • Conduct cybersecurity assessments of third-party vendors and SaaS providers.
  • Review vendor security controls, certifications, and compliance documentation.
  • Identify and communicate risks, remediation requirements, and recommendations.
  • Support ongoing vendor monitoring and annual reassessments.
  • Collaborate with Procurement, Legal, Privacy, and IT stakeholders throughout the vendor lifecycle.

Archer Platform Administration

  • Act as the primary subject matter expert (SME) for the Archer GRC platform
  • Configure and maintain questionnaires, workflows, dashboards, and reports.
  • Identify opportunities to automate and improve cybersecurity governance processes.
  • Maintain the Archer enhancement roadmap and manage platform improvements.

Executive Reporting

  • Develop cybersecurity metrics, dashboards, and executive reports.
  • Prepare presentations for senior leadership, Security Committees, and Audit Committees.
  • Provide oversight of cybersecurity services delivered by external partners and managed service providers.

You Are Best Suited for The Role If You Have the Following Qualifications:

  • Bachelor’s degree in information security, Computer Science, Information Technology or related field.
  • Minimum 4 years of experience in cybersecurity, governance, risk management, consulting, or security operations.
  • Able to communicate effectively with technical and non-technical stakeholders.
  • Strong analytical, organizational, and problem-solving capabilities.
  • Experience managing multiple initiatives in a fast-paced environment.

You are best suited for the role if you have the following qualifications:

  • Cybersecurity frameworks (NIST CSF, ISO 27001).
  • Third-Party Risk Management and security assessments.
  • Governance, Risk and Compliance (GRC) platforms Archer. Compliance
  • Risk management and policy development
  • Cybersecurity metrics, dashboards, and executive reporting.
  • Microsoft 365, Purview, cloud security, and SaaS security concepts are assets.
  • Excellent French and English written and verbal communication skills. 

“As part of their duties, the position holder will be required to communicate and collaborate in English and French, both orally and in writing, with colleagues or other stakeholders located in Québec, elsewhere in Canada, or across North America.”

We support and take care of our employees and their families by offering:

  • Generous and complete benefit coverage with group insurance
  • Group retirement plan with employer contribution
  • Telemedicine and assistance program for employees and their families
  • Employee Share Ownership Plan with an employer match
  • Paid Parental Leave program
  • Paid time off: Sick days, floater days and volunteer day off
  • Opportunity to contribute to a collective RRSP & TFSA
  • Training and development programs
  • Saputo Flex Program, flexible work environment (schedule/location/time off) according to department needs
  • Organized activities for employees and their families  
  • Advantageous discounts on Saputo products

Salary: $$88,140 to $115,685

*Salary offers will vary commensurate with experience, education, skills, and training.

About Saputo Inc (SAP)

Saputo Inc. is a Canadian dairy company that produces and sells a variety of dairy products, including cheese, milk, and cream. The company operates in Canada, the United States, and several other countries around the world. Saputo's products are sold under a variety of brand names, including Saputo, Armstrong, and Frigo. The company was founded in 1954 and is headquartered in Saint-Léonard, Quebec. Saputo is one of the largest dairy companies in the world, with annual revenues of over CAD 14 billion.
Learn more about Saputo Inc (SAP)
Size
17,000 employees
Industry
Founded
1954

Similar Jobs

More Jobs at Saputo Inc (SAP)

More Information Technology Jobs

Find similar Cybersecurity Senior Analyst jobs: