Cyber Security Vendor/3rd party risk specialist

12 months contract

Montreal, QC (3 days onsite)

Purpose

The Cyber Security Supply Chain Risk Specialist ensures that third party services across North, Central, and South America meet business, regulatory, and security standards.

The role partners with Relationship Managers, Vendor Management, and global security teams to translate global vendor due diligence findings into actionable local mitigations, run continuous monitoring programs, and lead third party security transformation projects.

Key Responsibilities

Supply Chain Risk Management

• Review and understand vendor services and define assessment scope using the Vendor Questionnaire
• Conduct security assessments or work with global team to ensure appropriately scoped assessments are performed; deliver findings in both English and Spanish
• Evaluate final assessment reports, define appropriate risk...