Third Party Risk Analyst
Job Location:
Monthly Salary:
Posted on:
Vacancies:
Job Summary
Third Party Risk Analyst
Support critical third-party risk and vendor governance activities within a fast-paced insurance environment. This hybrid opportunity offers exposure to compliance audit supplier monitoring and emerging risk initiatives while collaborating with cross-functional teams. Enjoy a flexible work model with on-site collaboration days on Tuesday Wednesday and Thursday in Toronto.
What is in it for you:
Salaried: $40-46 per hour.
Incorporated Business Rate: $46-53 per hour.
6-month contract with the potential for permanent employment.
Full-time position: 37.50 hours per week.
Day schedule 37.50 hours per week.
Hybrid: 3 days/week in Toronto office.
Responsibilities:
Conduct inherent risk assessments to evaluate third-party risk based on service criticality data sensitivity and regulatory impact.
Perform financial due diligence including analysis of supplier financial health and credit ratings.
Conduct adverse and negative media reviews to identify reputational legal or operational risks.
Assess supplier risk posture and identify areas requiring additional due diligence or mitigation.
Support contract owners and business stakeholders through training and guidance on third-party risk management practices.
Support ongoing supplier monitoring and governance activities across the vendor lifecycle.
Conduct ongoing monitoring activities to ensure suppliers maintain effective control environments.
Support governance activities including periodic supplier reviews and documentation of risk posture.
Track and manage issues risk findings and policy exceptions while ensuring timely resolution.
Monitor supplier risk indicators including financial performance adverse media and emerging global risks.
Ensure adherence to internal third-party risk management policies and standards.
Support regulatory compliance activities including alignment with OSFI B-10 or equivalent guidelines.
Assist with internal and external audits including documentation and remediation tracking.
Maintain accurate and complete risk assessment documentation and audit trails.
Partner with business units procurement teams and risk functions to support vendor oversight activities.
Communicate risk assessment outcomes and recommendations clearly to stakeholders.
Contribute to the enhancement of third-party risk management processes tools frameworks dashboards and metrics.
Stay informed on emerging risks regulatory changes and industry best practices.
What you will need to succeed:
Degree in a related field or equivalent combination of education and experience.
25 years of experience in Third-Party Risk Management Vendor Risk Compliance Audit or Operational Risk.
Experience conducting inherent risk assessments and due diligence activities.
Experience performing financial reviews and adverse media reviews.
Strong understanding of the vendor risk lifecycle including onboarding monitoring and governance activities.
Knowledge of risk-based assessment methodologies.
Familiarity with regulatory guidelines such as OSFI B-10 is considered an asset.
Experience reviewing SOC reports ISO certifications or equivalent control documentation is preferred.
Experience using TPRM tools or platforms such as Archer Ivalua or ProcessUnity is considered an asset.
Understanding of cybersecurity and information security risk concepts.
Exposure to emerging technology risks such as AI cloud and global risk landscape considerations.
Strong analytical audit compliance and risk assessment skills.
Excellent stakeholder communication and relationship management abilities.
Strong attention to detail and ability to assess control environments.
Training and facilitation skills.
Why Recruit Action
Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach. As part of the screening process some applications may be reviewed using artificial intelligence tools. Only candidates who meet the hiring criteria will be contacted.
