Work In Tech

Find your next role at Canada's fastest-growing tech companies

Security Analyst - GRC



Vancouver, BC, Canada
Posted on Wednesday, April 17, 2024

Job Description is an equal-opportunity employer looking for team members who have a real passion for security. The Security Analyst - Delivery is an engaged contributor role within Kobalt’s security delivery team. The Security Analyst is responsible for supporting the client’s security journey by tailoring cyber security protocols, including policies, procedures, and protocols. Security Analyst also assists vCISOs with various types of security assessments and technical implementation projects.

The Security Analyst will work directly with clients on creating policies that are aligned with the client's operations. The Security Analyst will also assist vCISOs with assessments with the goal to tailor a security journey based on clients’ needs. In addition, the Security Analyst will provide security education and conduct regular phishing tests for clients. Lastly, as Kobalt is a certified partner of Vanta, the Security Analyst will leverage the Vanta platform to accelerate the client’s compliance journey as a part of the security program.

If you are ready for a new challenge and want to join a growing team, this is your opportunity. Kobalt is a rapidly growing cyber security services and technology firm focused on addressing the needs of small and mid-sized businesses. Founded in November 2018, Kobalt has been recognized as an emerging company on the Ready to Rocket Emerging ICT list, 2020 Startups to Watch by Techcouver, and has worked with over 250 companies addressing cyber security challenges since inception.

Your Responsibilities:

  • Assist vCISOs in executing elements and projects, such as risk assessments, within a security program
  • Work directly with clients to understand their operations and tailor security policies and procedures that are fit to the organization
  • Serve as subject matter expert of Kobalt’s security education platform
  • Design and deploy phishing tests to clients on a regular basis
  • Provide compliance audit readiness support as required
  • Provision, implement, and manage Vanta, or a similar GRC platform, for clients
  • Troubleshoot compliance monitoring issues within Vanta, or a similar GRC platform, for clients
  • Build new tools and techniques to compress human-intensive tasks into work that can be achieved in a fraction of the time
  • Document best practice procedures for commonly used technologies for standardization of deployment
  • Identify system misconfigurations and draw up recommendations for clients and assist where necessary
  • Collaborate with team members to assist with improvements, discovery, and production of creative and insightful security use-cases
  • Capture regular metrics highlighting key activities, measurable accomplishments, and blockers
  • Support the design and development of Kobalt’s service offerings through insightful feedback and a positive attitude as a contributing member of our security delivery team
  • Help drive improvements in our best-in-class security services through the creation of knowledge-base articles and services documentation
  • Respond to and engage our customers through our ticket system, chat, email, phone, or other mediums as required
  • Complete technical certifications to help gain necessary technical knowledge and support Kobalt vendor partnerships

Your Qualifications & Skills:

  • 1-2 years experience in Security Technologies, Information Security, Business Resilience, Technology Risk or related fields
  • Customer-first focus.
  • Can work independently and with teams to identify and resolve challenges and overcome roadblocks.
  • Ability to communicate effectively, both verbally and in writing, with clients and internal audiences
  • Understanding of cybersecurity domains, including Security Operations (on-premise and cloud), Security Engineering, Information Risk Management, etc.
  • The ability to articulate secure best practices of various aspects of information risk management in the context of people, processes and technology
  • Report Writing: Emphasis on Spelling, Grammar, Word usage, and ability to write a summary that answers the Who, What, Where, When, How, and to the best of your ability, Why.
  • Strong communication skills: Be able to perform summarization and commonality detection and "connect the dots" so that a group of facts is turned into contextual information. Then take that contextual information and determine if it proves your hypothesis right or wrong.
  • Ability to quickly learn and adapt security best practices to a wide variety of technologies in use by clientele

Desired Qualifications:

  • GRCP™ certification is desired but not required
  • Enthusiasm, curiosity, thirst for knowledge
  • Intermediate coding/scripting skills to help automate processes and scale implementation efforts
  • Be familiar with technical system access controls, how to apply them, and what benefits are gained from controls.
  • Ability to perform in high pace environments
  • Strong Team Player
  • Ability to provide on-the-job training and knowledge sharing to other team members
  • Self-initiative with strong time management
  • Solid sense of integrity and identification with the mission.
  • Strong intuition and ability to think “outside the box”
  • Attention to detail while seeing the bigger picture

What’s In It For You:

Kobalt Security believes if we take care of our team and value their meaningful contributions, they will take care of our clients and we will all succeed together.

As a member of Kobalt Security, you can expect:

  • Competitive compensation and stock options to reward the value you bring to Kobalt.
  • Medical, dental, and optical benefits to prioritize you and your family’s wellbeing.
  • Paid time off to rest and reset.
  • Investments in your learning and development opportunities to support your career growth.
  • Engaging and fun team events to foster strong work culture and interpersonal connections.
  • An inclusive work culture that welcomes and celebrates diverse perspectives and opinions.

About Us: brings security monitoring capabilities of enterprise-class security teams to smaller organizations through its team of Cybersecurity professionals with tons of experience but an innovative mindset. prides themselves in constant improvement and innovation by providing their team with a positive and celebratory environment. is an equal opportunity employer looking for team members who have a real passion for security. We welcome you and celebrate differences in race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Does this sound like the right opportunity for you to leverage your expertise?

We want to hear from you – apply today with your resume!