Manager, Third Party Risk

What you'll do:

Key Responsibilities

Governance & Oversight

• Support the ongoing enhancement and operationalization of the enterprise TPRM framework, standards, procedures, and governance processes

• Conduct oversight and challenge of third-party risk activities across onboarding, reassessment, monitoring, renewal, and termination activities

• Coordinate and support TPRM governance committees, risk forums, and escalation activities

• Monitor adherence to TPRM standards, operational SLAs, and regulatory expectations

• Support development and maintenance of TPRM operating standards and lifecycle governance controls

Risk Monitoring & Reporting

• Develop and maintain TPRM dashboards, metrics, KRIs, and executive reporting

• Support monthly reporting on vendor risk exposures, SLA breaches, incidents, outages, remediation status, and concentration risks

• Track and escalate overdue assessments, unresolved risk issues, and remediation activities

• Support development of board and committee reporting materials

• Monitor vendor lifecycle activities and ongoing risk exposure trends

Lifecycle & Ongoing Monitoring

• Coordinate cyclical reassessment activities based on vendor criticality and inherent risk

• Support ongoing monitoring activities including review of:

  • SOC reports

  • BCM/DR evidence

  • control attestations

  • SLA performance

  • incidents and operational disruptions

• Support governance activities related to vendor renewals, material changes, and exits

• Assist in development of concentration risk and critical dependency inventories

Process Improvement & Operationalization

• Identify opportunities to streamline TPRM workflows, assessments, and intake processes

• Support implementation of risk-based due diligence and assessment methodologies

• Partner with Procurement, Legal, SMEs, and business stakeholders to improve process efficiency and accountability

• Support workflow enhancement initiatives, automation opportunities, and tooling improvements

• Assist with implementation of operational SLAs, escalation triggers, and remediation governance

Stakeholder Engagement

• Act as a key liaison between ERM, Procurement, Legal, SMEs, and business stakeholders

• Support first-line business owners in executing vendor governance responsibilities

• Coordinate stakeholder meetings, issue follow-ups, and governance activities

• Provide guidance and training on TPRM processes and requirements

What you bring:

• 5–8+ years of experience in: Third-Party Risk Management, Operational Risk, Enterprise Risk Management, Vendor Governance, Operational Resilience

• Experience operating within regulated financial institutions

• Strong understanding of: OSFI B-10, operational resilience principles, risk governance frameworks, third-party lifecycle management

• Experience developing governance reporting, KRIs, and executive dashboards

• Experience coordinating cross-functional risk assessments and remediation activities

• Strong stakeholder management and organizational skills

• Strong written communication and presentation skills

• Experience with TPRM platforms and workflow tools (e.g., ProcessUnity, Archer, ServiceNow, OneTrust, Coupa, etc.) is an asset

• Experience implementing or enhancing risk-based assessment methodologies

• Familiarity with Operational Resilience frameworks, concentration risk management, SLA governance, vendor lifecycle governance is an asset

• Relevant certifications considered an asset: CTPRP, CRISC and CISA

We’re always looking for great talent! In addition to competitive pay, we offer:

• Comprehensive benefits and retirement programs

• Performance incentives, Continuing Education Programs

• Other perks to support your well-being

• Career growth opportunities and product discounts

Broadband Salary Range: $79,000 – $131,000.

Our typical hiring range is between $79,000 and $105,000. Salary decisions are also dependent on other factors such as your experience, industry benchmarks, internal equity and other role-specific requirements. For critical roles, the compensation offering will be reviewed to ensure alignment with market rate and conditions and the unique value you bring to the role.

We may use artificial intelligence tools as part of our recruitment process to assist in the initial screening of resumes. All hiring decisions, including candidate evaluation, selection, and disposition, are made by human recruiters.

About Us

At Canadian Tire Services Limited/Canadian Tire Bank, it is our mandate to continue to create innovative and rewarding financial solutions for our customers. Our growing suite of products and services showcase the dynamic contributions from our employees and our success is driven by a strong vision, loyal customers, and our ability to build teams that reflect the diverse customers and communities in which we live and work. Join us, where there's a place for you here.

Our Commitment to Diversity, Inclusion and Belonging 

We are committed to fostering an environment where belonging thrives, and diversity, inclusion and equity are infused into everything we do. We believe in building an organizational culture where people are consistently treated with dignity while respecting individual religion, nationality, gender, race, age, perceived ability, spoken language, sexual orientation, and identification. We are united in our purpose of being here to help make life in Canada better. .

Accommodations  

We stand firm in our Core Value that inclusion is a must. We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, people with disabilities, and beyond. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.