Third Party Security Risk Manager
2 weeks ago
Being a traditional bank just isn't our thing. We are big believers in innovating the banking experience because we believe Canadians deserve better options, and we challenge ourselves and our teams to creatively transform what's possible in banking. Our team is made up of inquisitive and agile minds that find smarter ways of doing things. If you're not afraid of taking on big challenges and redefining the future, you belong with us. You'll get to work with people who will encourage you to reach new heights. We like to keep things fun, ask questions and learn together.
We are a big (and growing) family. Overall we serve more than 670,000 people across Canada through Equitable Bank, Canada's Challenger Bank™, and have been around for more than 50 years. Equitable Bank's wholly-owned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than six million members. Together we have over $125 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich people's lives. Our customers have named our EQ Bank digital platform ( eqbank.ca ) one of the top banks in Canada on the Forbes World's Best Banks list since 2021.
Purpose of Job
The Third-Party Security Risk manager will work closely with the technology teams and line of business teams to mitigate the risk of security attacks emanating from partners, vendors and other related third-parties while enabling the business to grow the bank and serve our customers efficiently and securely.
Main Activities:
• Perform Third-Party security risk assessments.
• Monitor and report on third-party security risk action plans, engaging with third-party contacts as well as business stakeholders.
• Maintain third-party security risk management framework ensuring alignment with Risk management framework (2nd Line of defense) and Privacy requirements
• Provide security input to third-party contracts by ensuring alignment with cyber security regulatory requirements and Company cyber security policies
• Identify supplier related cyber risk threat scenarios and evaluate risk rating based on a thorough review of the third party's security program and technical architecture.
• Monitor third-party compliance program, ensuring continuous compliance and evidence collection, validation, and recording.
Knowledge/Skill Requirements:
• A college diploma or university degree is required. Higher accreditation (e.g. Bachelor of Computer Science) is preferred.
• At least five (5) years of information security and information risk experience.
• At least three (3) years of third-party risk management experience (including hands-on experience conducting third party risk assessments)
• Understanding of Cloud Shared responsibility models and risk mitigation approach/techniques.
• Experience in performing organization-wide/entity security risk assessments or audits is required.
• Understanding and experience with security compliance frameworks such as PCI DSS, BSIMM, Cloud Security Alliance, NIST, ISO 27K series is required.
• Understanding of Canadian Financial industry regulations relevant to third-party security and privacy expectations E.g. OSFI, OPC
• The following certifications are preferred: CCSP, CCSK, CISM, CISSP, CISA, or CRISC.
• Experience working in a banking or financial services environment is an asset.
Accountability
• The incumbent works under direct management of the Senior Manager, Information Security Risk Management. They will be expected to lead and provide guidance to others in the department.
• The incumbent is accountable for formulating, developing and drafting security policies, procedures, and other relevant documents while liaising with the concerned stakeholders to ensure that the Information Security concerns are amicably addressed and their buy-in is obtained. Hence paving the way for easy acceptance at the time of implementation.
• The incumbent is accountable for the managing of security risk throughout the lifecycle, right from identifying the security risk to explaining it to the relevant stakeholders and getting their buy-in in remediating to tracking the closure of the weaknesses/risks to the organization.
• The incumbent is accountable for ensuring the completeness and accuracy of the periodic compliance reports submitted by the IT functions. Failure to it may result in the IT organization being non-compliant with external and internal regulators.
• The incumbent is also responsible for performing penetration testing as per the agreed upon plan by the Senior Manager, IT Security & Compliance and, compiling the report and working with the concerned stakeholder for getting the weaknesses remediated/fixed or risk accepted. Similarly, the incumbent will maintain register for penetration testing results and vulnerabilities and liaise with action owners for fixing the gaps.
• The incumbent is also responsible for administering and managing GRC solution implemented in the Bank, look at ways of improving the solution and address and resolve queries from various other stakeholders.
• This position is also required to work with internal and external audit and compliance related teams and partners on an as needed basis.
• The incumbent is accountable for ensuring that the information security controls identified and agreed for implementation have been properly implemented/embedded within the Information technology systems and operations. Non-implementation may result in the organization being exposed to cyber threats.
What we offer [For full-time permanent roles]
Competitive discretionary bonus
Market leading RRSP match program
Medical, dental, vision, life, and disability benefits
Employee Share Purchase Plan
Maternity/Parental top-up while you care for your little one
Generous vacation policy and personal days
Virtual events to connect with your fellow colleagues
Annual professional development allowance and a comprehensive Career Development program
A fulfilling opportunity to join one of the top FinTechs and help create a new kind of banking experience
The incumbent will be working hybrid and in office time will be spent working from Equitable Bank's additional office space located at 351 King Street East, Toronto, ON.
Equitable Bank is deeply committed to inclusion. Our organization is stronger and our employees thrive when we honour and celebrate everyone's diverse experiences and perspectives. In tandem with that commitment, we support and encourage our staff to grow not just in their career path, but personally as well.
We commit to providing a barrier-free recruitment process and work environment for all applicants. Please let us know of any accommodations needed so that you can bring your best self to the application process and beyond. All candidates considered for hire must successfully pass a criminal background check and credit check to qualify for hire. While we appreciate your interest in applying, an Equitable recruiter will only contact leading candidates whose skills and qualifications closely match the requirements of the position.
We can't wait to get to know you
-
Third Party Security Risk Manager
2 weeks ago
Toronto, Canada Disability Solutions Full timeJoin a ChallengerBeing a traditional bank just isn't our thing. We are big believers in innovating the banking experience because we believe Canadians deserve better options, and we challenge ourselves and our teams to creatively transform what's possible in banking. Our team is made up of inquisitive and agile minds that find smarter ways of doing things....
-
Third Party Security Risk Manager
1 week ago
Old Toronto, Canada Equitable Group Full timep>Join a ChallengerBeing a traditional bank just isn’t our thing. We are big believers in innovating the banking experience because we believe Canadians deserve better options, and we challenge ourselves and our teams to creatively transform what’s possible in banking. Our team is made up of inquisitive and agile minds that find smarter ways of doing...
-
Third Party Security Risk Manager Lead
1 week ago
Old Toronto, Canada Equitable Group Full timeJob SummaryWe are seeking a highly skilled Third Party Security Risk Manager to join our team at Equitable Group. In this role, you will be responsible for mitigating security risks associated with third-party vendors and partners, while ensuring the efficient and secure growth of our business.About the RoleThe ideal candidate will have a strong background...
-
Third Party Security Risk Manager
1 week ago
Old Toronto, Canada Equitable Group Full timeJoin a ChallengerBeing a traditional bank just isn’t our thing. We are big believers in innovating the banking experience because we believe Canadians deserve better options, and we challenge ourselves and our teams to creatively transform what’s possible in banking. Our team is made up of inquisitive and agile minds that find smarter ways of doing...
-
Expert, Information Security Third Party Risk
7 months ago
Toronto, Canada Canadian National Railway Full timeAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and...
-
Director, Third Party Risk
6 months ago
Toronto, Canada CIBC Full timeWe’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients. At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are...
-
Manager, Third Party Risk Management
6 months ago
Toronto, Canada Questrade Financial Group Full timeQuestrade Financial Group (QFG) of Companies is committed to helping our customers become much more financially successful and secure. We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence. You will be a part of a collaborative team that cares deeply about...
-
Senior Director, Third Party Risk Management
1 month ago
Toronto, Ontario, Canada CIBC Full timeAbout the RoleWe are seeking a highly experienced and strategic Senior Director to lead our Third Party Risk Management function. As a key member of our US Technology, Infrastructure & Innovation team, you will be responsible for developing and implementing a comprehensive third party risk management strategy that aligns with CIBC's risk tolerance and...
-
Cybersecurity Specialist
1 week ago
Toronto, Ontario, Canada Royal Bank of Canada Full timeJob SummaryWe are seeking a highly skilled Cybersecurity Specialist to join our Third Party Risk Management team at Royal Bank of Canada. This role will be responsible for identifying, collecting, and maintaining data to represent the cybersecurity postures of RBC's third-party suppliers.About the RoleThis is an exciting opportunity for someone with...
-
Third-Party Risk Management Specialist
6 days ago
Toronto, Ontario, Canada CB Canada Full timeAs a Third-Party Risk Management Specialist with Canadian Premier, you will play a critical role in ensuring the security and integrity of our business operations.We are seeking an experienced professional to join our team and contribute to our commitment to providing financial security to Canadians and their families.About UsCanadian Premier is a leading...
-
Senior Manager of Third Party Risk
2 weeks ago
Toronto, Ontario, Canada MUFG Investor Services Full timeJob SummaryAs a Senior Manager of Third Party Risk at MUFG Investor Services, you will be responsible for maintaining and implementing the Third-Party Management governance framework across the organization. This will involve ensuring compliance with regulatory standards, performing ongoing review of the framework's effectiveness, and identifying, reducing,...
-
Director, Third Party Risk Management
3 months ago
Toronto, Canada Manulife Full timeWe are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and...
-
Third Party Risk Management Specialist
7 days ago
Old Toronto, Canada Sun Life Financial Full timeOversee Third-Party RisksSun Life Financial is seeking an experienced professional to lead the oversight of third-party risk management policies and programs across the enterprise.This role requires a strong understanding of third-party risk management principles, as well as excellent leadership and communication skills. The ideal candidate will be able to...
-
Third-Party Risk Management Specialist
1 month ago
Toronto, Ontario, Canada CB Canada Full timeJob SummaryWe are seeking a highly skilled Third-Party Risk Management Analyst to join our team at Canadian Premier. As a key member of our risk management team, you will be responsible for identifying, assessing, and mitigating risks associated with third-party vendors.Key ResponsibilitiesDevelop and implement risk management strategies to ensure compliance...
-
Manager - Enterprise Third-party Risk Management
5 months ago
Toronto, Canada BMO Financial Group Full time100 King Street West Toronto Ontario,M5X 1A1 BMO is looking for a Manager - Enterprise Third-Party Risk Management (ETPRM) to join our team. This is an individual contributor role. As the Manager - Enterprise Third-Party Risk Management, you will play a pivotal role in establishing and enhancing our third-party risk management frameworks. Reporting to the...
-
Third Party Risk Management Specialist
5 months ago
Toronto, Canada Affirm Full timeAffirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm's Enterprise Risk Management (ERM) team is focused on enabling informed risk based decisions by establishing enterprise standards, governance practices and independent risk...
-
Third-party Contracting Manager, Third-party
5 months ago
Toronto, Canada CIBC Mellon Full time**Company Information**: CIBC Mellon is a leading provider of asset servicing solutions to institutional investors in Canada, including multi-currency accounting, fund valuation, and investment information reporting. We are passionate about providing exceptional client service backed by our culture of innovation and success. Our outstanding employee...
-
Senior Manager, Third Party Risk Programs
1 month ago
Toronto, Ontario, Canada The Toronto-Dominion Bank (Canada) Full timeJob SummaryWe are seeking a highly skilled and experienced Senior Manager, Third Party Risk Programs to join our team. As a key member of our Third Party Risk Management Office, you will be responsible for supporting the management of third-party risks and ensuring compliance with regulatory requirements and TD Standards.Key ResponsibilitiesDesign and...
-
Senior Director, Third Party Risk Management
2 weeks ago
Toronto, Ontario, Canada CIBC Full timeJob Title: Senior Director, Third Party Risk ManagementWe're seeking a highly experienced Senior Director to lead our Third Party Risk Management team. This role will develop and implement strategies to manage third party risk, ensuring the protection of CIBC's information assets.Develop and implement risk management strategies for third party vendorsLead...
-
Strategic Third Party Risk Management Leader
1 week ago
Old Toronto, Canada Scotiabank Full timeScotiabank is seeking a seasoned Strategic Third Party Risk Management Leader to drive the development, implementation, and oversight of its global framework for Third Party Risk.About the RoleThis key leadership position involves shaping the strategy, governance, and oversight of the processes and structures used across the enterprise to direct and manage...
