Aecon Group Inc. is a Canadian leader in infrastructure development, committed to building sustainable projects for future generations. The Information Services Co-op, GRC & Contracts role offers experience in cybersecurity governance, risk, and compliance while providing hands-on exposure to IT contract management and vendor engagement.
Assist in the development, maintenance, and implementation of the Information Security GRC program
Conduct risk assessments, vulnerability assessments, and gap analyses to identify security risks and compliance gaps
Support the creation, review, and updating of security policies, standards, SOPs, and process documentation
Maintain and update the organization’s security controls library
Perform compliance checks to ensure security controls are implemented and functioning as intended
Assist in collecting evidence for audits, assessments, and certification activities (e.g., SOC 2, ISO, internal audits)
Collaborate with stakeholders across Information Services and business units to embed security and compliance requirements into processes and projects
Support the review and processing of IT-related procurement requests, including software renewals, new tools, hardware, SaaS platforms, and professional services
Assist in drafting, reviewing, and organizing contract documentation such as Statements of Work (SOWs), Master Service Agreements (MSAs), and Data Processing Agreements (DPAs)
Work with the Procurement team and IS leadership to ensure contracts align with security, legal, and compliance requirements
Coordinate with vendors to gather necessary documentation, clarify contract requirements, and track deliverables
Support RFX processes (RFQs, RFIs, RFPs) by helping prepare documents, consolidate vendor responses, and evaluate submissions
Help maintain vendor records, contract repositories, renewal calendars, and risk assessments in collaboration with IT and Procurement
Assist in monitoring vendor performance and compliance with contractual obligations, including cybersecurity expectations
Qualification
Required
Currently enrolled in a Computer Science, Information Security or equivalent program
Familiarity with risk assessment methodologies and tools
Strong analytical and organizational skills with high attention to detail
Excellent communication skills with the ability to collaborate across teams
Ability to manage multiple tasks, prioritize effectively, and work in a fast-paced environment
Preferred
Experience with Excel, SharePoint, or document management tools is an asset
Benefits
Services needed to support your mental, emotional, and physical well-being
Aecon University and Leadership Programs
Equity, Diversity & Inclusion training
Aecon Women in Trades and Aecon Diversity in Trades programs
Employee Resource Groups (ERGs)
Aecon Group Inc. (TSX: ARE) is a North American construction and infrastructure development company with global experience.
Glassdoor
4.0
Founded in 1877
Toronto, Ontario, CAN
10001+ employees
http://www.aecon.com/
Aecon Group Inc. (TSX: ARE) is a North American construction and infrastructure development company with global experience.
