Expert, Information Security Third Party Risk

2 weeks ago


Toronto, Ontario, Canada Canadian National Railway Full time
At CN, we work together to move our company—and North America—forward.

Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion.

From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad, ensuring our operations run optimally and safely and our employees can focus on value-added tasks.

You will be able to develop your skills and career in our close-knit, safety-focused culture working together as ONE TEAM.

The careers we offer are meaningful because the work we do matters. Join us.

Job Summary


The purpose of this role is to maintain and grow an industry-leading Information Security Third Party Risk Management (TPRM) practice to support the mission of empowering the business by building resilience against evolving cyber threats.

This will include program governance, policy and guideline development, risk assessments, information protection contract clauses, continuous monitoring, compliance assessments, regulatory compliance assurance, due diligence and selection processes, technology and tool development and maintenance, cloud transformation, and stakeholder awareness and communication.


Main Responsibilities

Practice Development and Planning

  • Align third party information security with organizational business goals
  • Oversee a broad range of Information Security activities related to third party suppliers, solutions, subsidiaries and customers, including large outsourcing initiatives (e.g. I&T infrastructure and help desk managed services)
  • Develop and maintain a set of policies & guidelines specific to protecting CN's assets where they are accessed or managed by third parties
  • Create and maintain a TPRM practice, including a framework for evaluating and managing third party risk
  • Ensure information security requirements are integrated with procurement processes
  • Proactively monitor emerging trends and evolving threat landscapes to identify innovative ideas that would position CN to be an industry leader

Operation and Execution

  • Identify, assess, and report critical and high risks involving third parties
  • Manage and escalate incidents such as material control weaknesses and security breaches, working with the Security Operations Centre (SOC) as required
  • Report critical noncompliances and high risks to the appropriate business stakeholders
  • Write and negotiate contractual terms internally and with external partners and suppliers to ensure CN's business goals are met relating to information security
  • Ensure CN's Information Security policies & guidelines related to third parties meet regulatory requirements for security and privacy protection (e.g. TSA directives, CCSPA requirements, privacy bills, etc.)
  • Enhance existing processes through innovation and continuous improvement

Subject Matter Expertise

  • Drive action across various internal and external stakeholders by communicating technical and process requirements
  • Provide leadership and expertise on matters relating to third party information security to various internal stakeholders, including I&T, Procurement, Internal Audit, Legal, Facilities Management, and Insurance teams
  • Discover and bring to light innovation opportunities and influence other groups to support and implement changes that will generate business value
  • Mentor resources, provide knowledge transfer, and delegate support tasks

Organizational Impact

Decision Making & Impacts


The Expert, Information Security Third Party Risk Management implements the governance, risk, and compliance capabilities required to bring Information Security risks involving third party suppliers, solutions, subsidiaries, and customers to the acceptable levels required to enable the organization to achieve its business objectives.


To achieve this, they conduct strategic planning, create and maintain processes and tools, and coordinate activities between various internal teams and external organizations.


Level of Interaction/Influence


The Expert, Information Security Third Party Risk Management influences and drives action among various areas within the organization, including Legal, Procurement, Internal Audit, Facilities Management, Insurance, and different areas within I&T.

They also drive action within external subsidiaries, suppliers, and customers.

This would include incorporating Information Security requirements into procurement processes, ensuring I&T asset inventory systems include relevant data, influencing behaviours of Solution Architects to identify and mitigate high risks, negotiating contractual terms with Legal and Facilities Management, providing expertise to Internal Audit and Insurance teams, issuing Cybersecurity Policies and conducting compliance monitoring activities on subsidiaries, influencing external agencies and service providers to better align to CN's needs, working with customers on Informatio
