Toronto, ON
Duration: 6 months + Possibility of extension/FTE(based off of business needs and performance)
Location: Toronto – Hybrid, 2 days on site, moving to 4 days on site eventually
Anchor Days (if applicable): flexible
Schedule Hours: M-F, core business hours – 37.5 hours per week, 7.5 hours per day
Rate Range (Inc.): $70 - $79/hr.(commensurate with experience)
Deadline: January 10, 2026
Job Details:
Candidate Profile Details:
• Degree/Certifications Required: Post secondary is preferred, CISSP cert is preferred or any other relevant information Security certs are an asset
• Years of Overall Experience: 10+ years of experience
• % Interaction with Stakeholders: 50%
• Preferred Candidate Background: Cybersecurity experience, banking experience is helpful
• Selling Points of Position (CVP): Opportunity for long term, gaining banking experience from a large bank, lots of opportunity to learn and grow
Summary Of Day-To-Day Responsibilities:
• About the role: We are looking for someone to lead and execute third party cyber risk assessments of Client’s global suppliers.
• The assessor will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect Client.
• The assessor may also participate in department initiatives of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
• Coordinate with key risk stakeholders to initiate, scope and plan third party cyber risk assessments of new and existing suppliers of all risk levels.
• Lead or contribute to the completion of third-party cyber risk assessments at the business application, portfolio, or overall enterprise level.
• Communicate the cyber risk assessment results to internal and external stakeholders.
• Coordinate with risk stakeholders to identify appropriate risk mitigation and remediation plans. Perform validation of the risk mitigation and remediation plans upon implementation.
• Complete assessments in accordance with internal procedures and standards, industry frameworks and best practices.
• Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
• Contribute to the definition, development, and oversight of a global third-party cyber security management strategy and framework.
• Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.
