Senior IT Contract Risk Manager (Third-Party & Cyber Security)
Share
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
Senior IT Contract Risk Manager (Third-Party & Cyber Security)
Exciting 1-year hybrid opportunity in Toronto for an experienced contract management professional within the insurance industry. Contribute to enterprise-level IT risk governance review complex vendor contracts and collaborate with Legal Procurement and Compliance teams. Strategic role with strong influence on contract standards.
What is in it for you:
Salaried: $40-48 per hour.
Incorporated Business Rate: $50-58 per hour.
12-month contract.
Full-time position: 37.50 hours per week.
Weekday schedule from 8:30 am to 5 pm.
In-office presence required from Tuesday to Thursday.
Remote work available on Mondays and Fridays.
Responsibilities:
Review contract clauses and language to determine compliance with corporate contract requirements.
Support internal stakeholders and Legal by clearly outlining risks associated with suppliers.
Initiate reviews of existing vendor contracts in collaboration with various business units.
Respond to contract-related inquiries in a timely and accurate manner.
Provide Procurement with support on contract clauses and exception handling.
Offer guidance to Vendor Information Risk Management (VISM) and Vendor Governance Management (VGM) teams.
Stay informed on evolving laws and regulatory requirements that impact contractual terms.
Translate complex contractual and regulatory concepts into easily understood language for internal and external stakeholders.
Independently manage timelines for contract negotiation and reviews.
Collaborate with cross-functional teams including Legal Risk Compliance and business stakeholders to meet business objectives
What you will need to succeed:
Bachelors degree in Business Economics or Finance.
Experience in IT Risk Third Party Risk Management and/or Procurement.
Industry-recognized certification in IT Third Party Risk or Procurement is a plus.
Law degree is considered an asset.
IT contract-related experience and/or legal background.
5 years of experience reviewing third-party contracts or related experience in Third-Party Risk Management specifically in IT/cybersecurity.
Solid understanding of cybersecurity principles and the flow of sensitive data.
Proficient in Microsoft Office tools including Word Excel PowerPoint and Power BI.
Experience using risk management tools such as Archer ProcessUnity and Ivalua.
3 years in progressive roles within Risk or Procurement.
Knowledge of third-party risk management concepts and IT general controls.
Familiarity with compliance frameworks such as NIST 800-53 NIST CSF and ISO 27001.
Understanding of OSFI B-10/13 and OCC regulatory requirements.
Ability to interpret and assess vendor information security questionnaires.
Strong critical thinking and problem-solving skills.
Excellent communication and negotiation abilities.
Organized and capable of prioritizing tasks based on impact and urgency.
Able to work both independently and collaboratively.
Skilled in managing multiple tasks in a fast-paced environment with shifting priorities.
Strong presentation and facilitation capabilities.
Demonstrated ability to influence across functions and build relationships with diverse teams.
Adaptable to change and culturally aware.
Experience working in complex matrixed or global organizations.
Why Recruit Action
Recruit Action (agency permit: AP-2000003) provides recruitment services through quality support and a personalized approach to job seekers and businesses. Only candidates who match hiring criteria will be contacted.
# MFCJP
Company Industry
IT Services and IT Consulting
Key Skills
- Facilities Management
- ADMA
- Heavy Bus Driving
- AXA
- Building Services
- Courier Delivery
