Cybersecurity Senior Analyst
At Saputo, we bring good to the table by making high-quality products, investing in our people, and supporting communities around the world . As a top 10 global dairy processor, we value contributions that matter and strive to foster an inclusive, growth-driven work environment. Ready to bring your best?
Overview of the role:
Saputo is seeking a Cybersecurity Senior Analyst to join its Cybersecurity team and report to the IT Cybersecurity Manager.
The senior analyst will collaborate closely with IT and OT department for the awareness, Digital, Legal, Privacy, Procurement, Internal Audit, Risk Management, Human Resources, and business stakeholders to strengthen Saputo's cybersecurity posture.
The Cybersecurity Senior Analyst will lead and continuously improve several strategic cybersecurity functions, including:
• Cybersecurity Governance and Policy Management
• Cybersecurity Awareness and Culture Development
• Third-Party Risk Management (TPRM)
• TPRM Platform Administration (Archer)
• Cybersecurity Program Reporting and Executive Communications
The individual will collaborate closely with IT, Digital, Legal, Privacy, Procurement, Internal Audit, Risk Management, Human Resources, and business stakeholders to strengthen Saputo's cybersecurity posture and ensure compliance with internal requirements and external regulations.
As many operational cybersecurity activities are performed by managed security service providers and external partners, the Senior Analyst will provide governance, oversight, quality assurance, and continuous improvement recommendations to ensure the effectiveness of delivered services.
This role also requires strong communication and presentation skills to develop executive dashboards, reports, and presentations for senior leadership, the Security Committee, and the Audit Committee.
How you will make contributions that matter:
Cybersecurity Governance
- Develop, maintain, and review cybersecurity policies, standards, and procedures.
- Ensure alignment with regulatory requirements and industry frameworks (NIST, ISO 27001).
- Support audits and cybersecurity governance initiatives.
- Promote policy awareness and adoption across the organization.
Cybersecurity Awareness
- Develop and maintain Saputo's IT and OT cybersecurity awareness strategy and roadmap.
- Design and deliver awareness campaigns, phishing simulations, and role-based training.
- Collaborate with HR and Communications to foster a strong security culture.
- Measure program effectiveness through KPIs and recommend improvements.
- Report awareness program performance to management and governance committees
- Identify opportunities to improve cybersecurity culture and employee engagement
.
Third-Party Risk Management
- Conduct cybersecurity assessments of third-party vendors and SaaS providers.
- Review vendor security controls, certifications, and compliance documentation.
- Identify and communicate risks, remediation requirements, and recommendations.
- Support ongoing vendor monitoring and annual reassessments.
- Collaborate with Procurement, Legal, Privacy, and IT stakeholders throughout the vendor lifecycle.
Archer Platform Administration
- Act as the primary subject matter expert (SME) for the Archer GRC platform
- Configure and maintain questionnaires, workflows, dashboards, and reports.
- Identify opportunities to automate and improve cybersecurity governance processes.
- Maintain the Archer enhancement roadmap and manage platform improvements.
Executive Reporting
- Develop cybersecurity metrics, dashboards, and executive reports.
- Prepare presentations for senior leadership, Security Committees, and Audit Committees.
- Provide oversight of cybersecurity services delivered by external partners and managed service providers.
You Are Best Suited for The Role If You Have the Following Qualifications:
- Bachelor’s degree in information security, Computer Science, Information Technology or related field.
- Minimum 4 years of experience in cybersecurity, governance, risk management, consulting, or security operations.
- Able to communicate effectively with technical and non-technical stakeholders.
- Strong analytical, organizational, and problem-solving capabilities.
- Experience managing multiple initiatives in a fast-paced environment.
You are best suited for the role if you have the following qualifications:
- Cybersecurity frameworks (NIST CSF, ISO 27001).
- Third-Party Risk Management and security assessments.
- Governance, Risk and Compliance (GRC) platforms Archer. Compliance
- Risk management and policy development
- Cybersecurity metrics, dashboards, and executive reporting.
- Microsoft 365, Purview, cloud security, and SaaS security concepts are assets.
- Excellent French and English written and verbal communication skills.
“As part of their duties, the position holder will be required to communicate and collaborate in English and French, both orally and in writing, with colleagues or other stakeholders located in Québec, elsewhere in Canada, or across North America.”
We support and take care of our employees and their families by offering:
- Generous and complete benefit coverage with group insurance
- Group retirement plan with employer contribution
- Telemedicine and assistance program for employees and their families
- Employee Share Ownership Plan with an employer match
- Paid Parental Leave program
- Paid time off: Sick days, floater days and volunteer day off
- Opportunity to contribute to a collective RRSP & TFSA
- Training and development programs
- Saputo Flex Program, flexible work environment (schedule/location/time off) according to department needs
- Organized activities for employees and their families
- Advantageous discounts on Saputo products
Salary: $ $88,140 to $115,685
*Salary offers will vary commensurate with experience, education, skills, and training.
________________________________________________________________________________________
STATEMENT ON AI
All applications are carefully considered by our Talent Acquisition team.
Artificial Intelligence tools may be used in screening applications.
Artificial Intelligence is not used to assess or select applications.
In Canada, Saputo is a leading cheese manufacturer and fluid milk and cream processor, with a portfolio of well-loved brands such as Dairyland, Armstrong, Neilson, Alexis de Portneuf, and many more. Whether your expertise lies in manufacturing, operations, supply chain management, sales, quality assurance, or in any other function, your role is integral to our success. You will make contributions that matter, all while working alongside colleagues who genuinely care about your success and who will roll up their sleeves to help.
The material contained herein is provided for informational purposes only. All open jobs offered by Saputo Inc. and all companies, corporations, partnerships, limited partnerships and other entities controlled by Saputo Inc. (collectively, “Saputo”) on Saputo's web site are subject to specific job skill requirements. The job skill requirements, qualifications, and preferred experience are determined by a Saputo subsidiary, office or department, and all positions are subject to local prevailing employment laws and restrictions. This would include immigration laws pertaining to work authorization requirements and any other applicable government permissions or compliance. The materials on this site are provided without warranties of any kind, either expressed or implied, including but not limited to warranties regarding the accuracy or completeness of the information contained on this site or in any referenced links. While Saputo attempts to update this site on a timely basis, the information is effective only as of the time and date of posting. Strict confidentiality will be observed at all times. Saputo is an equal opportunity employer. The information on this site is for information purposes only and is not intended to be relied upon with legal consequence.
We support employment equity. Saputo strives to embed diversity and inclusion in its operations and invites candidates from all horizons to join its family. Saputo welcomes and encourages applications from people with disabilities. Accommodations up to the point of undue hardships, are available on request for candidates taking part in all aspects of the selection process.