Principal Investigator, Cybersecurity at Durham College
Oshawa, ON, Canada
Full Time


Start Date

Immediate

Expiry Date

08 Dec, 25

Salary

57.41

Posted On

09 Sep, 25

Experience

3 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Information Technology, Information Security, Azure, Assessment Tools, Communication Skills, ISO, GRC, Vulnerability Management, CISA, SIEM, AWS, Gap Analysis

Industry

Education Management

Description

ABOUT DURHAM COLLEGE:

Durham College (DC) is a leading post-secondary institution that supports students to develop career-ready skills for the ever-changing job market. With a focus on experiential learning, led by expert faculty, through field placements, applied research, co-ops and other hands-on opportunities, DC grads are known for having the skills and knowledge they need to adapt to the ever-changing workforce.
A leader in innovative teaching and learning, Durham College offers a wide range of market-driven programs across multiple disciplines, including culinary management, farming and horticulture, business, IT, construction and trades, science and technology, health care, engineering, social and community services, media, art and design.
Our modern campuses in Oshawa and Whitby offer 145 programs – including six honours bachelor’s degrees and 11 apprenticeship programs – to more than 13,700 full-time post-secondary and 2,300 apprenticeship students. In addition, more than 14,600 students participate in professional and part-time learning. More than 110,500 alumni represent the college, both locally and around the world.
A forward-looking organization committed to collaboration, innovation and sustainability, Durham College is ranked annually as one of the GTA’s Top 100 employers and one of Canada’s Greenest Employers and has been recognized as a Top 50 Research College in Canada, 10 times.
DC has an estimated annual economic impact of more than $913 million on Durham Region and is proud to be an active and engaged member of the communities we serve by contributing resources and expertise to enhance social and economic well-being through partnerships, investments and collaboration.
Durham College is seeking experienced and motivated professionals who share our commitment to quality and student success. The Office of Research Services, Innovation and Entrepreneurship is currently seeking applications from qualified individuals who are interested in joining the Centre for Cybersecurity Innovation, on a part-time, project-based contract to oversee the development of real-world solutions for industry partners through applied research and knowledge transfer projects.
Teams of expert faculty, students and recent graduates collaborate with industry partners and their staff to deliver innovative cybersecurity-based solutions to pressing business problems and opportunities. Projects can include producing and testing prototypes, evaluating new technologies, and developing new or improved products or processes for small- and medium-sized businesses (SMEs). All projects are funded by provincial or federal government grants.
The Centre for Cybersecurity Innovation is located at the Oshawa Campus and provides SMEs access to facilities, equipment, technical expertise, and project services to assist them in product development, technology adoption, expansion into new markets and commercialization of new products, services and processes.

THE IDEAL CANDIDATE WILL MEET OR EXCEED THE FOLLOWING QUALIFICATIONS:

  • An undergraduate degree in Cybersecurity, Information Technology, Business or a related field, preferably a master's degree.
  • Three to five years of relevant industry experience and demonstrated ability in fields and technologies relevant to project opportunities.
  • 3+ years of experience in GRC, information security, or compliance roles.
  • In-depth knowledge of SOC 2 Type 2, ISO 27001, and NIST frameworks.
  • Experience with gap analysis, internal audits, and remediation planning.
  • Strong understanding of cloud security principles and cloud infrastructure (AWS, Azure, GCP, etc.).
  • Familiarity with GRC and audit management tools (e.g., Secureframe, Drata, Vanta, Sprinto).
  • Excellent written and verbal communication skills; ability to communicate complex compliance requirements to technical and non-technical audiences.
  • Strong organizational and project management abilities.
  • Experience developing and maintaining security policies and governance documentation.
  • Ability to work independently and collaboratively in a fast-paced environment.

THE IDEAL CANDIDATE WILL POSSESS THE FOLLOWING QUALIFICATIONS:

  • ISO/IEC 27001 Lead Auditor/Implementer, CISA, CRISC, CGRC, or similar certifications.
  • Experience supporting SOC 2 Type 2, ISO 27001, or NIST certification and audit processes.
  • Knowledge of vulnerability management, SIEM, and cloud security assessment tools.
  • Experience in SaaS or cloud-native environments.

RESPONSIBILITIES:

  • Develop, review, and update security policies, procedures, and governance documentation to meet compliance standards.
  • Conduct comprehensive gap assessments against relevant frameworks, identify areas of non-compliance, and recommend actionable remediation steps.
  • Lead the implementation, maintenance, and continuous improvement of SOC 2 Type 2, ISO 27001, and NIST SP 800-53/800-171 compliance programs.
  • Design, implement, and document security controls across cloud and on-premises environments, ensuring alignment with framework requirements.
  • Develop and manage remediation plans, conduct internal audits and readiness assessments, and track progress toward compliance objectives.
  • Perform risk assessments, maintain risk registers, and support third-party/vendor risk management processes.
  • Assess and enhance the security of cloud infrastructure, ensuring compliance with SOC 2, ISO 27001, and NIST requirements.
  • Coordinate and support external audits, manage evidence collection, and serve as the primary liaison with auditors.