[Hiring] Cybersecurity Administrator @J.D. Power

Role Description

The Cybersecurity Administrator serves as the primary deputy to the Cybersecurity Governance Manager, providing essential operational support across the organization's security governance and compliance activities. This is an excellent entry-level opportunity for a motivated individual looking to build a broad foundation in enterprise information security, compliance, and risk management.

The successful candidate will assist in executing and coordinating day-to-day security program activities, with direct ownership of key workstreams including:

• Vendor risk management
• Audit coordination
• Security questionnaire responses
• Vulnerability tracking

This role offers broad exposure across the full spectrum of enterprise information security operations. You will work directly with the Cybersecurity Governance Manager and gain hands-on experience in:

• Enterprise security governance
• Global compliance frameworks (SOC 2, TISAX, ISO 27001)
• Risk management methodology and practical application
• Cross-functional stakeholder collaboration across Engineering, Legal, Finance, and Operations
• Audit management and external auditor relations
• Career development toward roles such as Security Analyst, GRC Analyst, Security Compliance and Risk Manager

What You’ll Be Doing in This Role:

• Manage inbound security questionnaires/RFIs and coordinate inputs across IT, Legal, Engineering, and other stakeholders
• Maintain and continuously improve a centralized library of standardized, policy-aligned security responses
• Track questionnaire/RFI status, deadlines, and follow-ups to ensure accurate, on-time delivery
• Support the end-to-end third-party vendor risk lifecycle, including onboarding, periodic reviews, and offboarding
• Conduct vendor security risk assessments using established frameworks and questionnaires (e.g., SIG, CAIQ, custom templates)
• Maintain the vendor risk register, including risk ratings, evidence requests, remediation actions, and review schedules; escalate high-risk findings
• Coordinate audit readiness activities (e.g., SOC 2 Type II, TISAX, internal audits), including continuous evidence collection and audit calendars
• Serve as a point of contact during audit fieldwork by scheduling walkthroughs, gathering artifacts, and tracking auditor requests
• Track audit findings and management responses and follow remediation commitments through closure; help update control narratives, policies, and procedures
• Monitor and track vulnerabilities (scans, penetration tests, threat intel), maintain the vulnerability register, drive follow-ups, and produce status reporting

Qualifications

• Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field — or equivalent practical experience
• 1–2 years of experience in information security, IT compliance, risk management, or a related discipline
• Familiarity with common compliance frameworks and standards such as SOC 2, ISO 27001, TISAX, NIST, or similar
• Strong organizational skills with the ability to manage multiple workstreams, deadlines, and stakeholders simultaneously
• Excellent written and verbal communication skills — able to translate technical concepts for non-technical audiences
• Detail-oriented with a structured, process-driven approach to work
• Proficiency in standard productivity tools (Microsoft 365, Google Workspace) and experience with spreadsheets and tracking tools
• Entry-level security certification or active pursuit thereof: CompTIA Security+, CC (ISC²), or equivalent
• Understanding of cloud security concepts (AWS, Azure, or GCP environments)
• Understanding / Experience supporting external audits or regulatory examinations

Requirements

• Proactive and self-directed, taking ownership of tasks and following through without constant prompting
• Collaborative, working effectively across teams and building positive relationships with internal and external stakeholders
• Intellectually curious and eager to learn security concepts, emerging threats, and evolving regulatory requirements
• Analytical, able to assess vendor risk findings, vulnerability data, and audit evidence with reasonable judgment
• Discreet and trustworthy, handling sensitive security and business information with appropriate confidentiality
• Adaptable, comfortable managing competing priorities in a dynamic, fast-paced environment

Benefits

• Starting salary range of $55K - $65K CAD/USD per year
• Salary determined by relevant skills, education, qualifications, experience, performance, business or organizational needs, and geographic location