We’re currently seeking an experienced GRC and BCP ANALYST to support our client, a large public utility in Saskatchewan’s natural gas sector.
This is a full-time, onsite contract position based in Regina, Saskatchewan, playing a critical role in strengthening enterprise cybersecurity governance and resilience. You’ll be embedded within SaskEnergy’s Enterprise Security team, helping shape policy, drive compliance, and enhance the organization’s business continuity planning framework.
The ideal candidate brings a minimum of three years of demonstrated experience in Governance, Risk, and Compliance (GRC), Business Continuity and Disaster Recovery Planning, and security awareness training. Security certification (e.g., CISSP, CISA, CISM, MBCP) is mandatory. A strong grasp of audit and regulatory monitoring, and comfort working across IT and ICS/SCADA environments, is essential.
Location & Work Hours
Location: Onsite – Regina, Saskatchewan
Start Date: August 1, 2025
Duration: Through March 31, 2027, with up to four optional one-year renewals
Work Hours: Monday to Friday, 8:00 AM – 5:00 PM CST
Functional Area
Enterprise Security Department – supporting cyber, physical, and personnel security across corporate IT and ICS/SCADA systems.
• Minimum 3 years’ experience in Cybersecurity Governance, Risk & Compliance
• Minimum 3 years’ experience in Business Continuity & Disaster Recovery Planning
• Minimum 3 years’ experience developing security policies, standards, and guidelines
• Minimum 3 years’ experience in audit and regulatory compliance monitoring
• Minimum 3 years managing cybersecurity awareness and training programs
• Current security certification (CISSP, CISM, CISA, ABCP, or MBCP)
• Must be able to work full-time onsite in Regina, SK
Desired Experience & Skills
• Governance frameworks creation and maintenance
• ICS/SCADA and corporate IT knowledge
• Third-party security risk assessments
• Threat and risk assessments; vulnerability analysis
• Security documentation and audit readiness
• GRC tools and change management compliance
• Strong communication and stakeholder collaboration
• Familiarity with industry standards and regulatory requirements
Deliverables
• Support and evolve enterprise GRC and BCP initiatives
• Conduct and document third-party and internal risk assessments
• Prepare for and support audits and compliance activities
• Build and maintain GRC policies, procedures, and documentation
• Lead or support training and awareness programs
• Track and report change management and risk activities
• Collaborate with stakeholders across IT and operational teams
• Act as subject matter expert in GRC frameworks and tools
About the Role
This position reports to the Enterprise Security team. The initial term runs through March 31, 2027, with the potential for four (4) additional one-year renewals (20 months). The role is 100% onsite in Regina, and the selected candidate must be available for in-person interviews.
If you’re interested in this opportunity, please reach out or submit your resume for consideration. Know someone perfect for the role? Feel free to share this post.
Systematix is one of Canada’s largest privately owned National Consulting and Resourcing firms. With offices across the country, we provide high-impact consulting services to both public and private sector clients. We are committed to building a diverse and inclusive workplace and strongly encourage applications from equity-deserving communities.
We’re currently seeking a skilled and experienced CYBER SECURITY SPECIALIST to support our client, SaskPower, within its Nuclear subsidiary and broader enterprise. This role plays a key part in strengthening the client’s cybersecurity posture by implementing, monitoring, and optimizing advanced cloud and enterprise security controls. The successful candidate will ensure compliance with security frameworks (e.g., NIST CSF, ISO 27001) and proactively mitigate cybersecurity risks in a highly regulated, mission-critical infrastructure environment. This is a hands-on, senior role requiring deep familiarity with Microsoft security tools, cloud platforms, and vulnerability management technologies.
Location & Work Hours
– Location: Onsite at SaskPower facilities in Regina, Saskatchewan.
– Work Hours: Monday to Friday, 8:00 AM to 5:00 PM CST.
– Start Date: June 2, 2025
– End Date: May 31, 2026
– Availability: 100% full-time onsite; no hybrid or remote options.
– Security Clearance: Must be eligible for Government of Canada Level II (Secret) Security Clearance.
Requirements
Mandatory Education & Experience
– University degree in Computer Science, Information Security, or a related field (or equivalent experience).
– Minimum 5 years of hands-on experience in IT security or cybersecurity operations.
– Proven experience with:
• Microsoft Azure security tools (Defender, Sentinel, etc.)
• SIEM platforms, incident response, threat detection, and automated remediation
• Tenable One or other vulnerability management systems
• Scripting and automation (PowerShell, JSON, KQL, Logic Apps)
Security Frameworks & Compliance
– Familiarity with:
• NIST Cybersecurity Framework
• ISO/IEC 27001/27002
• Relevant CSA standards
– Deep knowledge of cybersecurity incident response methodologies.
Desired Certifications
– One or more of the following:
• CISSP, CISM, GIAC (SANS), or
• Microsoft Certified: Azure Security Engineer Associate
Preferred Experience
– Prior work in critical infrastructure or nuclear/energy sectors.
– Experience with SCADA/ICS environments.
– Strong communication and collaboration skills for working with technical and non-technical stakeholders.
Key Deliverables
– Incident Reports & Analysis: Documented investigations and post-incident reviews.
– Vulnerability Assessment Reports: Scheduled scanning, reporting, and remediation tracking.
– Security Posture Metrics: Azure Secure Score reports and metrics for ongoing improvement.
– Compliance Documentation: Evidence of alignment with NIST, ISO, and CSA standards.
– Updated Cybersecurity Artifacts: Policies, SOPs, security plans, and network diagrams specific to nuclear systems.
About the Role
This is a one-year contract role, with potential for extension, offering the opportunity to work directly on high-impact cybersecurity systems supporting critical infrastructure. The role will be full-time onsite in Regina.
Apply Now
If you are interested in this opportunity, please submit your resume and reach out for more details. Know someone who fits the profile? Please share this posting with them.
About Systematix
Systematix is one of Canada’s largest privately owned national consulting and resourcing firms. We deliver high-caliber IT consulting solutions to all levels of government and industries across the country. We are committed to diversity, inclusion, and equity in all that we do, and we proudly support employment equity and a respectful, inclusive workplace.
