Building the space between proven and possible, MDA Space is a trusted mission partner to the global space industry. A robotics, satellite systems and geointelligence pioneer with a 55-year+ story of world firsts and more than 450 missions, MDA Space is a global leader in communications satellites, Earth and space observation, and space exploration and infrastructure. The global MDA Space team of more than 3,800 space experts has the knowledge and know-how to turn an audacious customer vision into an achievable mission – bringing to bear a one-of-a-kind mix of experience, engineering excellence and wide-eyed wonder that’s been in our DNA since day one. For those who dream big and push boundaries on the ground and in the stars to change the world for the better, we’ll take you there.
Are you ready to launch the next stage of your career in the new space economy? We would love to hear from you!
We’re on the hunt for an IT Risk & Compliance Co-Op on our team at either of our Brampton, Montreal or Richmond offices.
Supporting all of MDA’s three business areas in Geointelligence, Robotics & Space Operations, and Satellite Systems, our corporate team knows from experience that working in a hands-on learning environment enables us to collaborate across disciplines and get the job done. From HR and Finance to IT and Communications, we are all committed to reaching new heights and advancing humanity’s place in the universe and here on Earth.
This role supports the identification, assessment, and management of information technology and cybersecurity risks in alignment with industry standards, regulatory requirements, and organizational controls. The position focuses on IT risk and compliance activities, including risk management, control assurance, and policy governance. The successful candidate will gain hands-on experience supporting Governance, Risk, and Compliance (GRC) processes across the organization.
Responsibilities
- Support internal cybersecurity audits (e.g., NIST Cybersecurity Framework, UK Cyber Essentials, NIST SP 800-171), including assisting with planning activities, gathering audit evidence across multiple domains, and liaising with stakeholders to resolve blockers
- Assist with testing control effectiveness, documenting audit findings, and tracking remediation activities to closure under guidance
- Support Enterprise Risk Management (ERM) and Insider Threat risk initiatives by assisting with risk documentation, maintaining supporting artifacts, and supporting quarterly/Annual risk assessment reviews
- Assist with maintaining the IT risk register by ensuring records are current and supporting the preparation and updating of risk summary decks for
- Support Third-Party Risk Management activities, including assisting with vendor risk assessments and tracking due diligence documentation
- Contribute to exceptions management by documenting requests and tracking approvals and closures
- Collect and organize metrics for IT risk and compliance reporting
- Review and update policies, standards, and guidelines as required
- Support the administration and use of GRC tools such as Optro (AuditBoard)
- Assist with other duties as required to support Governance, Risk, and Compliance (GRC) initiatives
Requirements/Desired Qualifications
- Currently enrolled in a college or university program in information security, cybersecurity, computer science, information technology, information systems, risk management, business technology management, engineering, or a closely related field with an interest in IT risk, audit, or compliance
- Foundational knowledge of security standards and frameworks such as ISO/IEC 27001 and the NIST Cybersecurity Framework
- Strong analytical, problem‑solving, and critical‑thinking skills, with the ability to analyze information, follow structured processes, and support IT risk and compliance tasks
- Foundational understanding of cybersecurity concepts and technical terminology, with an interest in staying current on IT trends, cybersecurity risks, and relevant security standards
- Ability to work independently as well as collaboratively in a team environment
- High level of professionalism, maturity, and strong written and verbal communication skills
- Eligibility to obtain Reliability Level security clearance
What you will learn
- How IT and cybersecurity risks are assessed and managed in alignment with frameworks such as NIST Cybersecurity, NIST SP 800-171and UK Cyber Essentials.
- Hands-on experience supporting internal cybersecurity audits, including audit evidence collection, control testing, and remediation tracking.
- Exposure to Enterprise Risk Management (ERM) practices, including how IT and cybersecurity risks are documented, reviewed during quarterly assessment cycles, maintained in risk registers, and summarized for management reporting.
- Experience supporting Third-Party Risk Management (TPRM) activities, including vendor risk assessments and due diligence tracking.
- Practical experience using GRC tools (e.g., AuditBoard/Optro) to support risk, audit, and compliance activities.
- Insight into policy and compliance governance, including supporting the review and maintenance of policies, standards, and guidelines
Comments/Special Considerations:
Successful candidates must obtain and hold security clearance at the reliability status level, and pass security assessment for the Controlled Goods Program (CGP).
MDA Ltd. is proud to provide accommodation(s) during the recruitment process. Should you require any accommodations, please indicate this on your application/cover letter and we will work with you to meet your accessibility needs.
The compensation range for this position is $23 - $26 hourly.
