Security Privacy Analyst

Join to apply for the Security Privacy Analyst role at Canto.

Canto is hiring for a Security Privacy Analyst to safeguard infrastructure, applications, and data. This role leads security and privacy initiatives, partners with cross-functional teams, and ensures compliance with international frameworks and regulations. If you are passionate about advancing cybersecurity, privacy, and risk management in a dynamic environment, we'd love to hear from you.

Location: Cork, Ireland (Hybrid or Remote)

At Canto, we are committed to building secure, trusted, and privacy-first products that empower our global customers. As we continue to expand our platform and innovate with emerging technologies, we are seeking a Security Privacy Analyst to play a pivotal role in safeguarding our infrastructure, applications, and data. This position offers the opportunity to lead critical security and privacy initiatives, partner with cross-functional teams, and ensure compliance with international frameworks and regulations.

• Serve as the primary point of contact for developers, partners, and third-party vendors integrating with Canto's platform.
• Lead implementation of security controls across infrastructure and applications, including access control, change management, and incident response.
• Lead business continuity and disaster recovery exercises across all products.
• Review feature changes across key product modules to ensure safe and reliable user experiences.
• Lead full-cycle cyber and privacy assessments including:
• Cybersecurity Risk Assessments
• Privacy Impact Assessments (PIA)
• Evaluations of governance, risk, and compliance (GRC) programs
• Develop tailored remediation plans to address risks and vulnerabilities, leveraging public-sector aligned cybersecurity frameworks and privacy standards.
• Improve security risk management program by documenting gaps within product areas and strategically working to reduce risk in these areas
• Design and maintain privacy-by-design frameworks, ensuring compliance with GDPR, CCPA, HIPAA, and emerging AI-related regulations
• Oversee data lifecycle management including collection, retention, deletion, and cross-border transfers
• Conduct gap analyses and maintain a privacy risk register integrated with security assessments
• Develop and maintain documentation for policies, procedures, and audit readiness (SOC 2, ISO 27001, ISO 27018)
• Partner with legal and compliance teams to translate regulatory obligations into actionable engineering tasks
• Lead vendor risk assessments and third-party compliance reviews
• Evaluate AI systems for privacy and security risks, including model testing cadence, data mapping, and monitoring gaps

• Cybersecurity & Privacy Expertise (Must Have)
• 5+ years of hands-on experience in cybersecurity strategy, assessments, and controls implementation
• Strong background in privacy impact assessments and privacy compliance
• Proven experience with frameworks such as:
• NIST CSF v1.1/v2.0
• SOC 2
• ISO 27001 / ISO 27701
• NIST Privacy Framework
• Familiarity with US and international privacy laws (GDPR, PIPEDA, Australia, etc.)

Ignite Your Potential – Join a fast-growing company where innovation and agility fuel success.

Make an Impact – Your ideas and efforts directly shape our future—every contribution matters.

Learn, Grow, Thrive – Gain real-world experience and develop new skills as we scale.

Stronger Together – Be part of a close-knit, supportive team that values collaboration and camaraderie.

Your Voice Matters – We foster open communication and transparency so every idea is heard.

Turn Challenges into Triumphs – Solve meaningful problems with creativity and confidence.

Balance that Works for You – We believe success comes from a healthy work-life harmony.

Endless Growth Potential – As we rise, so do you. Step into new opportunities and grow with us.

A Global Perspective – Work alongside diverse, talented colleagues and broaden your horizons.

Come be part of something exciting—your future starts here

Canto is an Equal Opportunity Employer. We're committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual orientation, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Management and Manufacturing

Industries: Software Development