Title: Information Security Risk and Privacy Consultant
Duration: 4–6 months (with potential for extension)
Location: Downtown Toronto (Hybrid)
Role Overview
We are seeking an experienced Information Security professional to join our client's team on a short-term contract. The successful candidate will be responsible for conducting vendor risk assessments and privacy impact assessments (PIAs) to ensure compliance with security, privacy, and regulatory standards. This role requires strong analytical skills, attention to detail, and a solid understanding of information security frameworks, data privacy laws, and vendor management practices.
Key Responsibilities
- Perform vendor risk assessments to evaluate third-party security controls, policies, and procedures.
- Conduct and document Privacy Impact Assessments (PIAs) for new and existing projects, products, and services.
- Collaborate with internal stakeholders (procurement, legal, compliance, and IT teams) to assess risks and recommend mitigation strategies.
- Review vendor contracts and agreements to identify potential security and privacy gaps.
- Develop and present assessment reports with clear findings and actionable recommendations.
- Ensure compliance with relevant regulations and standards (e.g., FIPPA, PHIPA, NIST, etc).
- Provide guidance on privacy, cybersecurity controls, and risk management.
Qualifications & Skills
- Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent work experience).
- Professional experience in information security, risk management, or privacy compliance.
- Strong knowledge of information security frameworks and standards (ISO 27001, NIST, SOC 2, CIS Controls).
- Hands-on experience conducting vendor risk assessments and privacy impact assessments.
- Familiarity with global privacy regulations (GDPR, FIPPA, PIPEDA, PHIPA etc.).
- Excellent written and verbal communication skills with the ability to present findings to both technical and non-technical stakeholders.
- Strong organizational skills with the ability to manage multiple assessments simultaneously.
- Experience in privacy impact assessments
- Experience with conducting vendor risk assessments
- Strong understanding of and experience in information security risk management processes
- Excellent communication skills, strong attention to detail, and go getter mentality.
The pay range that the employer reasonably expects to pay for this position is between CA$80.00 and CA$85.00
Our voluntary benefits offering includes medical, dental, vision and retirement benefits.
Applications will be accepted on an ongoing basis.
Tundra Technical Solutions would like to thank you for the interest you have demonstrated in this opportunity. However, only candidates with the required skills will be contacted.
Tundra Technical Solutions is an Equal Opportunity/Affirmative Action Employer. We welcome and encourage diversity in our workplace.
Not interested in this position, but know somebody who might be? Check out our Referral Reward Program, referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!
Tundra Technical Solutions is among North America’s leading providers of Information Technology and Engineering staffing and consulting services. Our success and our clients’ success are built on a foundation of service excellence. Rather than continually trying to sell to new clients and companies and simply filling databases with candidates, we focus on developing stronger relationships and deeper knowledge of our existing clients’ challenges and opportunities.
Open ears. Open minds. Open futures