Senior GRC Technical writer to prepare and maintain cyber security policies, guidelines and work flow for a transportation company

Our client is seeking a Senior GRC Technical writer to prepare and maintain cyber security policies, guidelines and work flow for a transportation company

Duration 12 until Dec 31, 2025 . Hybrid work model, 3 days on site. Location Montreal or Toronto

Must Haves

• Policy management and GRC tools
• Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001).
• Relevant experience defining business processes and controls around sensitive data and applications to ensure compliance with data protection regulations (e.g., PIPEDA, GDPR).
• Superior communication skills (written and verbal), with a keen eye for detail and the ability to bridge the language between technology and business.

Nice to have

Relevant cyber security and privacy industry certifications (e.g., CISSP, CISM, CIPP, CIPM, etc.)

Responsibilities

• Develop, maintain and update comprehensive documentation for cybersecurity, IT and GRC practices. Gathering pertinent feedback from leads ensuring documentation is accurate, comprehensive and appropriate for its intended audience.
• Work closely with SMEs and stakeholders to collect information to create high-quality deliverables including process and procedure documentation, process workflows, policy & directive documentation, RACI’s, etc.
• Determine categories of information required to develop required deliverable. Work with SMEs to ask appropriate questions to solicit required information.
• Develop realistic plans and timelines for developing documentation that align with SMEs and program timelines. Manage deliverables to plan and escalate risks and issues to leadership for support.
• Conduct thorough analysis of existing processes and identify areas for improvement to enhance security and compliance.
• Apply principles of minimalism and leverage business language to ensure that process documentation is well understood by readers whose process and technical knowledge may range from limited to highly proficient.
• Standardize documentation types and support management of documents within central repository.
• Prepare detailed reports and presentations for senior management and stakeholders.
• Moderate the type of language to suit the purpose and audience.
• Proficiency in various documentation tools and formats.
• Experience with policy management and GRC tools.
• Ability to leverage AI tools, such as Microsoft Copilot, to enhance efficiency in document development.
• Ability to work independently and collaboratively in a fast-paced and dynamic environment.
• Ability to handle multiple initiatives and deadlines with attention to detail and quality.
• Ability to learn new technologies and tools quickly and adapt to changing requirements.
• Actively identify and make recommendations for improvement in the documentation and review procedure and process.
• Produce high-quality documentation that meets applicable standards and is appropriate for its intended audience.
• Develop content in alternative media forms for maximum usability, with a consistent and cohesive voice across all documentation.
• Maintain a library of application documentation, cataloging it for internal and/or external use.