Talent.com
Bank of Canada
Cyber Third-Party Risk SpecialistBank of Canada • Ottawa (Downtown), ON, CA
No longer accepting applications
Cyber Third-Party Risk Specialist

Cyber Third-Party Risk Specialist

Bank of Canada • Ottawa (Downtown), ON, CA
30+ days ago
Job type
  • Permanent
Job description

Cyber Third-Party Risk Specialist


Take a central role

The Bank of Canada has a vision to be a leading central bank—dynamic, engaged and trusted—committed to a better Canada. No other employer in the country offers you the unique opportunity to work at the very center of Canada’s economy, in an organization with significant impact on the economic and financial well-being of all Canadians. You will be challenged, energized and motivated to excel in our environment.


Building on the principles that have always guided us – excellence, integrity and respect – we strive to be forward-looking and innovative, to welcome people with diverse perspectives and talents, and to earn trust by living up to our commitments and by clearly explaining the intent of our policies and actions.


With our defined-benefit pension plan, benefits, and high flexibility for work life balance - find out more about why we are annually ranked as one of Canada's top employers: Working Here - Bank of Canada

Find out more about the next steps in our Recruitment process.

In addition to the position being staffed, this competition may be used to fill similar opportunities (Regular or Term) that become available at the same job grade. If you’re interested in this type of role, we encourage you to apply.

About this opportunity

Help build the next generation of cyber resilience at the Bank. Join the Bank’s Cyber Security team to work on high-priority technical initiatives that strengthen how we detect, respond to, and recover from cyber threats in a rapidly evolving environment.

Join the Cyber Security Assurance team within the Information and Technology Services (ITS) department, where you will play a key role in strengthening the Bank’s cyber resilience by advancing how third-party risks are assessed and managed. You will contribute to the evolution of assessment methodologies that address increasingly complex supplier, cloud, AI and emerging technology risks.

What you will do

Working closely with cross-functional partners, including procurement, business owners, legal, privacy, cyber security and technology teams, you will support secure supplier onboarding, ongoing monitoring, and the management of supply-chain risk. Your work will directly influence how the Bank identifies, assesses, and mitigates cyber risks across its third-party ecosystem.

More specifically, you will:

  • Modernize vendor assessment and develop risk hypotheses methodologies to better address evolving risks from emerging technologies, including AI, software supply chains, and fourth-party ecosystems.
  • Define assessment requirements and assurance techniques for supplier security controls.
  • Analyze trends in supplier assessment findings to identify systemic risks and recommend control improvement.
  • Research and evaluate new assurance methods, control evidence models, and industry practices.
  • Provide guidance for assessing cloud, SaaS, AI, managed service, and critical supplier relationships
  • Analyze security attestations, certifications, control evidence, and technical documentation to evaluate supplier security posture.
  • Support cyber incident investigations involving suppliers by delivering risk analysis assessment expertise.
  • Contribute to the continuous improvement of third-party risk management processes, tools, and assessment capabilities.

What you need to succeed

Demonstrated excellent communication skills, both written and verbal, with the ability to effectively manage stakeholders and handle escalations. Brings a process-driven, proactive approach as a self-starter and innovative problem solver, while contributing positively with collaborative team environment. Remains current on emerging cyber security technologies (e.g., Quantum, GenAI) and the evolving threat landscape to support informed and adaptive decision-making.

More specifically, from a technical perspective: Understanding of third-party and security risk frameworks, such as NIST

  • Experience reviewing or interpreting security attestations and certifications (SOC 2, ISO 27001, CSA STAR, PCI-DSS).
  • Knowledge of Canadian data residency and data sovereignty requirements.
  • Working knowledge of common threat models and security risks (MITRE ATT&CK, OWASP Top 10).
  • Ability to analyze complex information, define problems, and provide clear, logical recommendations.

Nice-to-have

  • Experience as a third-party assessor, internal/external auditor, or consultant supporting public sector organizations or Crown corporations.
  • Relevant certifications such as CISSP, Security+, CCSA, CISA, GCCC, or GCED.

Education and experience

This position requires a university degree or college diploma in computer science, systems engineering, cybersecurity, or a related discipline, and a minimum of 6 years of recent and relevant experience.

Experience should demonstrate your ability to assess technical and non-technical risks, interpret security controls, work with cross-functional stakeholders, and provide clear guidance on complex security issues.

An equivalent combination of education and professional experience may also be considered.

Innovative Mindset

We value candidates who demonstrate adaptability, curiosity, and a willingness to learn new technologies, including AI and digital tools. We seek individuals who can think critically about data, question existing processes, and find ways to simplify our work while embracing change and new ways of doing things.

Language requirement

The Bank’s work environment is conducive to the use of both of Canada’s official languages - English and French. Although the position language requirement is English or French essential, we do encourage everyone to improve their second language proficiency for future career growth and to contribute towards fostering a bilingual environment.

What you need to know

    • Priority will be given to Canadian citizens and permanent residents
    • Security level required: Be eligible to obtain Secret
    • There will be no relocation assistance provided
    • Please save a copy of the job poster. Once the closing date has passed, it will no longer be available.
    • The official title for this position is “Senior IT Security Assessment Specialist”

Hybrid Work Model

The Bank offers work arrangements that provide employees with flexibility, enable high-performing teams, and support an excellent workplace culture. Most employees can telework from home for a portion of each month as part of the Bank’s hybrid work model, and they are expected on site at the Bank location a minimum of 12 days per month to help build connections between colleagues. You must live in Canada, and within reasonable commuting distance of the office.

What you can expect from us
This is a great opportunity to join a leading organization and be part of a high-performing team. We offer a competitive compensation and benefits package designed to meet your needs at every stage of your life and career. For more information on key benefits please visit A great deal to consider.

    • Salaries are based on qualifications and experience and typically range from $111,051 to $130,649 (job grade 17)
    • The Bank offers an incentive for successfully meeting expectations at 7 to 10% of your base salary. The Bank offers additional performance pay (5%) for those who exceed expectations. Exceptional performers who far exceed expectations may be eligible for higher performance pay.
    • Flexible and comprehensive benefits so you can choose the level of health and dental coverage that meets your needs
    • Extra vacation days (up to five each year) that you can purchase to add to your vacation entitlement
    • Option to join the indexed, defined-benefit pension plan after 24 consecutive months of service

We wish to thank all applicants for their interest and effort in applying for this position. Only candidates selected for interviews will be contacted.

Create a job alert for this search

Cyber Third-Party Risk Specialist • Ottawa (Downtown), ON, CA

Similar jobs

Cyber Security Architect

Intuitive.aiOttawa, ON, CA
Full-time

Talent Acquisition Leader | Hiring Cloud Professionals Globally.Cloud is one of the fastest-growing (INC 5000, CRN) Cloud & SDx solution and services companies supporting enterprise customers on a ... Show more

 • Promoted

Head of Risk - Remote

BitfinexOttawa, ON, CA
Remote
Full-time

Be among the first 25 applicants.Inspired by Bitcoin's vision of financial freedom, we are committed to empowering individuals to transact and connect seamlessly across the globe.From the early day... Show more

 • Promoted

Cyber Security Analyst

Searidge TechnologiesOttawa, ON, CA
Temporary

Fixed-Term Contract (6-months).Searidge Technologies is a global leader in the Air Traffic Control space, boldly forging new paths bringing innovative technology, such as Artificial Intelligence (A... Show more

 • Promoted

Remote DeFi Trader — AI‑Powered Alpha & Risk

Al Falasi ConsultancyOttawa, ON, CA
Remote
Full-time

A recruitment agency specializing in DeFi roles is seeking a proactive DeFi Trader to manage and execute trading strategies within a leading quantitative crypto fund.This fully remote position offe... Show more

 • Promoted

Security Governance, Risk and Compliance Specialist

Tecsys Inc.Ottawa, ON, CA
Full-time +1

Security Governance, Risk and Compliance Specialist.Having recognized the advantages of remote work, such as improved employee morale, increased productivity, and positive impacts on both employee ... Show more

 • Promoted

Cyber Security Renewals Specialist (Canada)

Fortinet, Inc.Ottawa, ON, CA
Full-time

A leading cybersecurity company in Ontario, Canada, is looking for a Renewal Representative to support all operational functions of the Renewal Sales cycle.The ideal candidate will manage customer ... Show more

 • Promoted

Senior DFIR Consultant for Complex Cybersecurity Investigations

New Value SolutionsOttawa, ON, CA
Full-time

Become a pivotal force in cybersecurity as a Senior DFIR Consultant.Lead forensic investigations and incident responses in a contract capacity across enterprise systems.This senior role requires yo... Show more

 • Promoted

Cyber Security Analyst

Brookfield RenewableGatineau, QC, CA
Full-time

Get AI-powered advice on this job and more exclusive features.Direct message the job poster from Brookfield Renewable.Talent Acquisition Coordinator, Brookfield Renewable | MBA | B.Brookfield Renew... Show more

 • Promoted

Senior IT Security Design Specialist

Adga-Groupottawa, on, Canada
Full-time

Compensation: CAD 110 - CAD 120 - hourly.ADGA Group is a Canadian‑owned defence and security company that provides integrated, mission‑critical technical solutions to Government and industry, speci... Show more

 • Promoted • New!

Remote Cloud Security Architect: DevSecOps & Risk Leader

Intuitive.aiOttawa, ON, CA
Remote
Full-time

A leading cybersecurity solutions company is seeking a Cybersecurity Specialist (GCP) to enhance their Cybersecurity Program.The role involves developing comprehensive security strategies in cloud ... Show more

 • Promoted

Remote IT Security Risk Analyst: Governance & Risk

Onico SolutionsOttawa, ON, CA
Remote
Permanent

A leading IT security firm in Richmond Hill is looking for an IT Security Risk Analyst to support their Information Security Risk Management programs.The role requires expertise in risk assessments... Show more

 • Promoted

QNX Senior Cybersecurity Manager

BlackBerry Inc.Ottawa, ON, CA
Full-time

Be the cybersecurity authority for development teams, guiding them to meet ISO/SAE 21434 standards and beyond.Own and evolve the QNX Cybersecurity Management System—your ideas will drive improvemen... Show more

 • Promoted

IT & Security Specialist

SenstarOttawa, ON, CA
Full-time

Senstar is a global leader in advanced perimeter intrusion detection and video management solutions.For over 40 years, we have been protecting critical infrastructure, national borders, and high-va... Show more

 • Promoted

XSOAR Architect in Cybersecurity Solutions

Ateko, backed by Bell CanadaOttawa, ON, CA
Full-time

Drive innovation in cybersecurity as an XSOAR Architect, focusing on design and deployment of cutting-edge automation strategies.This role specializes in integrating Palo Alto Cortex XSOAR with var... Show more

 • Promoted

Cyber Security Analyst II

Comtech Telecommunications Corp.Outaouais
Full-time

Comtech Telecommunications Corp.Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability protected veteran status or ... Show more

 • Promoted

Security Systems Application Specialist

AinsworthOttawa, ON, CA
Full-time

If you thrive in a team-oriented workplace that challenges your skills, to drive your career development, embraces diversity and rewards innovation, with competitive pay and great employee programs... Show more

 • Promoted

Cybersecurity Channel Solutions Engineer

Marler & Associates SearchOttawa, ON, CA
Full-time

A global cybersecurity firm is seeking a Channel Solutions Engineer to empower strategic partners and enhance technical capabilities.You will provide support as a trusted technical advisor, focusin... Show more

 • Promoted

Full-Cycle DFIR Specialist (Contract)

New Value SolutionsOttawa, ON, CA
Full-time

A cybersecurity solutions provider is seeking a highly skilled Senior DFIR Specialist to lead complex investigations and incident response activities.The ideal candidate will have over 5 years of e... Show more

 • Promoted

Cyber Defense Analyst: Threat Detection & Response

ArsenaultOttawa, ON, CA
Full-time

A technology services firm in Ottawa is looking for an experienced Cybersecurity Analyst to support risk mitigation efforts.The candidate will manage Cyber activities such as monitoring system acti... Show more

 • Promoted

Senior IT Security TRA Analyst — Ottawa Focused Risk

ADGA GroupOttawa
Full-time

A Canadian defence and security technology firm is seeking a Senior IT Security Threat & Risk Assessment (TRA) Analyst in Ottawa.Responsibilities include reviewing IT Security policies, conducting ... Show more