Your Opportunity:

The Security Exception Analyst – Governance, Risk & Compliance (GRC) provides operational support for the security exception process within the Information Risk Management (IRM) team. Working closely with IRM members, the role supports the evaluation, management, and continuous monitoring of IT security exceptions to ensure compliance with applicable legislation, regulations, and organizational policies. Key responsibilities include full lifecycle management of security exceptions, including logging and tracking requests, gathering required details, documenting evaluation outcomes, and ensuring appropriate follow-up actions. The analyst provides Tier‑2 operational support within the GRC team, assisting with governance, risk, and compliance activities. This includes responding to General Service Requests (GSRs) and security incidents while maintaining accurate documentation and ensuring proper escalation and resolution. In addition, the role contributes to process improvement initiatives, updates governance documentation, and supports collaboration with stakeholders. The position also focuses on building foundational cybersecurity knowledge while supporting the effectiveness and maturity of GRC practices.

Description:

The Security Exception Analyst – Governance, Risk & Compliance (GRC) plays a key role in supporting security exception operations and broader GRC activities. This position acts as a primary coordinator for the security exception process, managing the intake, tracking, and monitoring of exception requests, and ensuring timely responses and follow-up—particularly for high-risk items. The role also supports reporting and analysis of security exception metrics, trends, and forecasting to inform risk management decisions. In addition, the analyst contributes to GRC operations by assisting with General Service Requests (GSRs) and security incidents, ensuring accurate documentation, tracking, and effective coordination of tickets and requests. The position further supports process improvement and governance efforts by contributing to the maintenance and enhancement of security policies, standards, and guidelines under senior direction. Responsibilities include helping improve workflows related to compliance and risk tracking, and ensuring governance documentation is well-organized, accurate, and accessible. This is an excellent opportunity for an early-career professional to build foundational cybersecurity and GRC experience while working collaboratively across teams to support effective governance, risk management, and compliance practice.

Classification: IT Infrastructure Services 2 Union: Exempt Unit and Program: IT, Information Risk Management Primary Location: CN Tower Location Details: Eligible to work hybrid (on/off site) within Alberta Negotiable Location: Provincial Employee Class: Regular Full Time FTE: 1.00 Posting End Date: 08-JUL-2026 Date Available: 17-AUG-2026 Hours per Shift: 7.75 Length of Shift in weeks: 2 Shifts per cycle: 10 Shift Pattern: Days Days Off: Saturday/Sunday Minimum Salary: $25.63 Maximum Salary: $42.71 Vehicle Requirement: Not Applicable

Required Qualifications:

Degree/Diploma in Information Technology. Understanding of the Healthcare IT sector.

Additional Required Qualifications:

As Required.

Preferred Qualifications:

Knowledge and/or experience of industry best practices for IT risk management. Understanding of IT process management and improvement.