Technology & Vendor Risk Specialist

BRP
Montreal, QC
Hybrid

About The Position

We are seeking a highly skilled Senior Analyst – Technology Risk Management & Third-Party Risk Management (TPRM) to support and strengthen our tech risk program. This role will work closely with the Information Security Governance & Compliance (GRC) team and cross-functional stakeholders to assess, monitor, and manage technology-related risks, in addition to managing the technology risk register.

Requirements

  • Proven experience in Technology Third-Party Risk Management (TPRM) and vendor risk assessments.
  • Proven experience in managing 2LoD (second line of defence) requirements for risk management.
  • Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory expectations.
  • Strong understanding of business continuity and disaster recovery processes and methodologies.
  • Solid knowledge of SOX IT General Controls (ITGCs) and their application to third-party service providers.
  • Hands-on experience in technology risk analysis, remediation planning, and residual risk management.
  • Experience conducting technology due diligence for vendors and service providers, including review of SOC 2 Type 2 reports, etc.
  • Excellent analytical, communication, and documentation skills.
  • The ability to manage multiple priorities and work independently in a fast-paced environment.

Responsibilities

  • Perform comprehensive risk assessments of third-party vendors delivering technology products and services.
  • Review and analyze vendor responses to cybersecurity and risk questionnaires, including evaluation of supporting documentation and evidence.
  • Conduct technology risk analysis, develop mitigation strategies, and track remediation efforts through to closure.
  • Evaluate and report on residual risk levels, ensuring proper documentation and escalation of high-risk issues.
  • Support and execute technology due diligence activities for both new and existing vendors.
  • Collaborate with internal stakeholders (Procurement, Legal, Privacy, Architecture, and IT teams) to ensure vendor engagements meet internal policies, regulatory requirements, and industry best practices.
  • Contribute to the continuous improvement of the TPRM framework, processes, and controls.
  • Manage the lifecycle of risk events in the technology risk register.
  • Discuss coordinated action plans with IT architecture teams and multiple departments.

Benefits

  • Annual bonus based on the company’s financial results
  • Generous paid time away
  • Pension plan
  • Collective saving opportunities
  • Industry-leading healthcare fully paid by BRP
  • Flexible work schedule
  • A summer schedule that varies by department and location
  • Holiday season shutdown
  • Educational resources
  • Discount on BRP products