CrawlJobs Logo
Randstad Logo Randstad · Finance

Risk analyst, third-party risk reporting and compliance

Canada, Toronto 50.00 - 53.00 CAD / Hour · Job Posted April 15, 2026
Apply Position
Job Link Share

Job Description

In this role, you are the "architect" of the risk story. You will be responsible for collating and synthesizing data from disparate sources to draft comprehensive quarterly reports on the risk health of third-party supplier portfolios. Beyond traditional reporting, this position is a tech-forward mandate: you will be expected to use and develop AI Agents to optimize manual processes, moving the department toward a more automated, efficient future. You will oversee the end-to-end delivery of reporting for the US, Europe/UK, and Enterprise-wide Risk Committees.

Job Responsibility

  • Collect and "stitch together" data from various sources to draft quarterly risk health reports for Enterprise, US, and UK/Europe regions
  • Perform key monitoring activities to ensure all third-party engagements meet Enterprise Risk Policies and Standards
  • Daily use of AI tools to automate manual data collection and reporting tasks
  • participate in the expansion of AI Agent knowledge
  • Act as a primary bridge between Functions Practice Management, Compliance, and various enterprise risk partners
  • Proactively flag risk health concerns and compliance gaps within assigned portfolios to senior management
  • Own the accuracy, timeliness, and quality of all draft reports and monitoring deliverables

Requirements

  • 3+ years in Supplier Risk/Third Party Risk Management (TPRM) or Risk & Governance practices
  • 3+ years of experience in Business Analysis (process, workflow, requirements) or Change Management
  • Advanced/Expert skills in MS Office (Excel, PowerPoint, Visio) and experience with reporting tools like Tableau or Power BI
  • Proficient use of Risk Management tools (e.g., RSA Archer) and Procurement platforms (e.g., Ivalua, Ariba)
  • Bachelor’s degree in Business, Finance, Risk, or a related field
  • Strong critical thinking, analytical problem-solving, and the ability to work within a complex, matrixed organization

Nice to have

  • Familiarity with the Financial Services/Banking sector
  • Understanding of Systems Development Lifecycle (SDLC) and cloud software models (SaaS, IaaS, PaaS)
  • Ability to interpret contract and commercial purchase language

What we offer

  • Innovation Leader: Direct opportunity to pilot and implement cutting-edge AI tools and Agent creation within a global banking environment
  • High Visibility: Your reports will reach Enterprise and Regional Risk Committees, providing exposure to senior leadership across multiple jurisdictions
  • Strategic Impact: Play a pivotal role in shaping how a major financial institution manages its global third-party risk posture
  • Collaborative Culture: Work at the intersection of Practice Management, Enterprise Risk, and global risk partners
Randstad - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Risk analyst, third-party risk reporting and compliance

8 matching positions

Compliance Analyst

insightsoftware is seeking a detail-oriented and proactive Compliance Analyst to...
Location
Location
United States , Remote
Salary
Salary:
Not provided
insightsoftware.com Logo
insightsoftware
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in information security, Cybersecurity, Computer Science, Risk Management, Legal Studies, Business Administration, or related field
  • Minimum 3+ years of experience in compliance program management, risk management, or information security roles, preferably in regulated industries or technology companies
  • Demonstrated experience responding to third-party risk assessments, security audits, customer security questionnaires, RFPs, and compliance due diligence requests
  • Working knowledge of regulatory frameworks and standards (e.g., ISO 27001, SOC 2 (Type II), NIST, FedRAMP, CMMC, PCI DSS, GDPR, CCPA), trade control regulations (EAR, ITAR), anti-bribery/corruption laws (FCPA, UK Bribery Act), and data privacy principles
  • A strong knowledge of at least one regulatory framework governing matters pertaining to data privacy, cybersecurity, trade compliance, or third-party risk management
  • Experience with third-party screening tools and vendor risk management platforms
  • Familiarity with GRC or data protection management platforms (e.g., OneTrust, ServiceNowMetricStream)
Job Responsibility
Job Responsibility
  • Support the development, implementation, and maintenance of a global compliance program, including trade compliance, anti-bribery/corruption, anti-trust, and business ethics
  • Conduct secondary screening of third parties (vendors, partners, customers) , and assess potential matches against government watchlists of denied, debarred, sanctioned, or restricted parties to ensure compliance with applicable trade compliance, export control and sanctions regulations (e.g., U.S. Department of the Treasury Office of Foreign Assets Control ("OFAC"), U.S. Department of Commerce Bureau of Industry and Security ("BIS"), U.K. Office of Financial Sanctions Implementation ("OFSI"), European Union, and United Nations)
  • Assist with export classification determinations and licensing requirements for software products and services, including evaluation of Export Control Classification Numbers ("ECCNs")
  • Support the company's compliance with applicable data protection regulatory frameworks (e.g., GDPR, CCPA)
  • Support the Corporate Counsel, Data Privacy, AI, Cybersecurity with data protection initiatives and obligations including data mapping exercises, processing activity records, and privacy impact assessments, and coordinate responses to data subject access requests ("DSARs") and privacy-related inquiries
  • Support privacy management tools and platforms for consent management and privacy workflow automation
  • Partner with company counsel, InfoSec, and other stakeholders with compliance audits, data privacy questionnaires, and third-party risk assessment processes including vendor due diligence and ongoing monitoring
  • Support risk and control self-assessments ("RCSA"), audit management, and remediation tracking
  • Collaborate with stakeholders including the Chief Information Security Officer ("CISO") and the team to quantify, monitor, and report on security and compliance performance
  • Maintain GRC platforms (e.g., ServiceNow, Archer, MetricStream) to track compliance activities, risks, and controls
Read More
Arrow Right

Third Party Risk Analyst

Our team members are at the heart of everything we do. At Cencora, we are united...
Location
Location
Colombia , Bogota
Salary
Salary:
Not provided
cencora.com Logo
Cencora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree – required
  • 3-5 years of work experience in similar position
  • Strong understanding of risk management principles and practices, particularly as they relate to third party relationships
  • Familiarity with contract negotiation, invoice processing or legal terms review preferred
  • Proficiency in data analysis and the ability to assess and interpret contracts, compliance documentation, and financial statements
  • Excellent written and verbal communication skills required for reporting findings, communicating with vendors and collaborating with internal stakeholders
  • The ability to identify and mitigate risks, as well as to develop effective risk mitigation strategies
  • Self-motivated, ability to work independently, strong organizational skills
  • Ability to multitask and work in a fast paced environment
  • Consistently delivers results and meets deadlines
Job Responsibility
Job Responsibility
  • Identify, measure, and report operational and Third-Party Risk Management risks
  • Support management of third-party risk onboarding and due diligence by ensuring appropriate risk assessments are completed
  • Assist Business Owners with due diligence documentation and evaluation of third-party relationships
  • Execute issue management end-to-end activities (issue identification, prioritization, assignment, remediation, closure) for matters pertaining to third parties
  • Ensure adequate, appropriate, and current third-party risk documentation is maintained in the Third Party Risk Management Software System
  • Leverage the Third-Party Risk Management Software System as the system of record and as a reporting tool to analyze vendors for risk analysis
  • Consult with business leaders to effectively manage change when required
  • Provide risk oversight for process improvement projects, as needed
  • Liaise with senior management and Third-Party Risk Management stakeholders
  • Oversee and / or develop ongoing monitoring activities in alignment with TPRM policy
  • Fulltime
Read More
Arrow Right

Third Party Vendor Management Senior Analyst

Individuals in Operational Risk establish and manage operational risk policies, ...
Location
Location
Costa Rica , Heredia
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of experience
  • Knowledge in risk management, particularly Resilience and Third-Party Risk Management
  • Understanding of Third-Party Management policy and procedures
  • Familiarity with risk governance structures and risk appetite parameters
  • Ability to create, apply, and analyze MIS of reports
  • Background in the implementation of third-party and resilience risk processes across various sectors and regions
  • Experience in conducting comprehensive third-party and resilience risk management reviews
  • Knowledge of relevant regulations and standards related to risk management, and ability to ensure compliance
  • Adapt to work across a diverse organization, managing various sectors and regions
  • Utilize strong analytical skills to interpret complex data and present it in a clear and understandable manner
Job Responsibility
Job Responsibility
  • Represent business leadership in Third-Party Risk Management activities coordination and facilitation
  • Evaluate market conditions and provide insight into trends that could impact the business
  • Advise on third-party risk assessments and reassessments
  • Verify third-party compliance to required policies and controls
  • Partner with operations and tech teams for on-site visits of third parties when necessary
  • Maintain and update Exit Strategy Plans as required
  • Address escalations of non-performance and contractual issues with third parties when necessary
  • Monitor third-party performance and service level agreements
  • Ensure proper execution and upload of third-party contracts in Contract Management System
  • Review, prioritize, assess, and act on third-party risk management assessments results
  • Fulltime
Read More
Arrow Right

Third Party Risk Analyst

Working at Citi is far more than just a job. A career with us means joining a te...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge in risk management, particularly Resilience and Third-Party Risk Management
  • Understanding of Third-Party Management policy and procedures
  • Familiarity with risk governance structures and risk appetite parameters
  • Ability to create, apply, and analyse reports
  • Background in the implementation of third-party and resilience risk processes across various sectors and regions
  • Experience in conducting comprehensive third-party and resilience risk management reviews
  • Knowledge of relevant regulations and standards related to risk management, and ability to ensure compliance
  • Adapt to work across a diverse organisation, managing various sectors and regions
  • Utilise strong analytical skills to interpret complex data and present it in a clear and understandable manner
  • Identify and address potential risks, ensuring adherence to regulatory standards
Job Responsibility
Job Responsibility
  • Represent business leadership in Third-Party Risk Management activities coordination and facilitation
  • Evaluate market conditions and provide insight into trends that could impact the business
  • Verify third-party compliance to required policies and controls and advise on third-party risk assessments and reassessments
  • Partner with operations and tech teams for on-site visits of third parties when necessary
  • Maintain and update Exit Strategy Plans as required
  • Address escalations of non-performance and contractual issues with third parties when necessary
  • Monitor third-party performance and service level agreements
  • Ensure proper execution and upload of third-party contracts in Contract Management System
  • Review, prioritise, assess, and act on third-party risk management assessments results
  • Facilitate remediation of issues or gaps identified during ongoing monitoring
  • Fulltime
Read More
Arrow Right

Third Party Risk Analyst Lead

Individuals in Operational Risk establish and manage operational risk policies, ...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Understanding of Third Party Risk management lifecycle and risk assessment processes
  • Thought leadership and clarity in presenting ideas to senior management
  • Proven technical knowledge of resilience and Third-Party Risk principles and processes, to include up to date knowledge of current technology solutions, including Cloud
  • Experience in implementing risk processes across a large and diverse organization
  • Knowledge of regulatory requirements underpinning resilience and the Third-Party Risk Management and Outsourcing Lifecycle
  • Excellent analytical skills to interpret and present complex data
  • Proficiency in the use of MIS and other risk management tools
  • Excellent project management skills to oversee risk reviews and mitigation efforts
  • Strong communication skills to provide counsel and collaborate with various stakeholders
  • Ability to challenge and scrutinize established practices
Job Responsibility
Job Responsibility
  • Represent business leadership to coordinate and facilitate Third-Party Risk Management activities
  • Evaluate current market conditions and provide insight on trends/issues that could impact the business by external third parties
  • Advise the BAO on risk assessment for third parties and reassess as required
  • identify significant relationship changes to trigger risk assessment updates
  • Verify compliance of third parties with required policies and controls
  • Partner with business operations, technology teams, and internal functions to conduct on-site visits of third parties, as required
  • Maintain and update Citi’s Exit Strategy Plans as required
  • collaborate with business contacts to establish risk mitigation activities when the exit strategy poses significant risk to Citi
  • Interact with third parties on escalations of non-performance and contractual issues to drive resolution when appropriate
  • Monitor third party performance and Service Level Agreements (SLAs) through Citi Performance Management Assessment (PMA) process
  • Fulltime
Read More
Arrow Right

Third Party Vendor Management Lead Analyst

Individuals in Operational Risk establish and manage operational risk policies, ...
Location
Location
Costa Rica , Heredia
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of experience
  • Understanding of Third Party Risk management lifecycle and risk assessment processes
  • Thought leadership and clarity in presenting ideas to senior management
  • Proven technical knowledge of resilience and Third-Party Risk principles and processes, to include up to date knowledge of current technology solutions, including Cloud
  • Experience in implementing risk processes across a large and diverse organization
  • Knowledge of regulatory requirements underpinning resilience and the Third-Party Risk Management and Outsourcing Lifecycle (OCC/FRB/EBA/PRA/MAS, etc.)
  • Excellent analytical skills to interpret and present complex data
  • Proficiency in the use of MIS and other risk management tools
  • Excellent project management skills to oversee risk reviews and mitigation efforts
  • Strong communication skills to provide counsel and collaborate with various stakeholders
Job Responsibility
Job Responsibility
  • Represent business leadership to coordinate and facilitate Third-Party Risk Management activities
  • Evaluate current market conditions and provide insight on trends/issues that could impact the business by external third parties
  • Advise the BAO on risk assessment for third parties and reassess as required
  • identify significant relationship changes to trigger risk assessment updates
  • Verify compliance of third parties with required policies and controls
  • Partner with business operations, technology teams, and internal functions to conduct on-site visits of third parties, as required
  • Maintain and update Citi’s Exit Strategy Plans as required
  • collaborate with business contacts to establish risk mitigation activities when the exit strategy poses significant risk to Citi
  • Interact with third parties on escalations of non-performance and contractual issues to drive resolution when appropriate
  • Monitor third party performance and Service Level Agreements (SLAs) through Citi Performance Management Assessment (PMA) process
  • Fulltime
Read More
Arrow Right

Resilience Risk 2nd LOD Lead Analyst, Vice President

Individuals in Operational Risk establish and manage operational risk policies, ...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of experience
  • Understanding of Third Party Risk management lifecycle and risk assessment processes
  • Thought leadership and clarity in presenting ideas to senior management
  • Proven technical knowledge of resilience and Third-Party Risk principles and processes, to include up to date knowledge of current technology solutions, including Cloud
  • Experience in implementing risk processes across a large and diverse organization
  • Knowledge of regulatory requirements underpinning resilience and the Third-Party Risk Management and Outsourcing Lifecycle (OCC/FRB/EBA/PRA/MAS, etc.)
  • Excellent analytical skills to interpret and present complex data
  • Proficiency in the use of MIS and other risk management tools
  • Excellent project management skills to oversee risk reviews and mitigation efforts
  • Strong communication skills to provide counsel and collaborate with various stakeholders
Job Responsibility
Job Responsibility
  • Provide strategic support in the formulation and implementation of operational risk management policies and procedures, prioritizing resilience and third-party risk management
  • Drive the identification, measurement, monitoring, and management of residual and emerging risks, ensuring consistent practices across the organization
  • Champion continuous improvement initiatives, incorporating lessons learned from resilience tests, simulations, and third-party risk analysis
  • Act as a liaison with internal and external stakeholders, fostering effective collaboration in risk management
  • Oversee and challenge key risk indicators and material operational risks, ensuring resilience and third-party risks stay within defined Risk Appetite parameters
  • Lead oversight reviews, addressing root causes of unintended losses and ensuring policy and regulatory compliance in resilience and third-party risk management
  • Assess the effectiveness of business and technology capabilities and controls across the organization, promoting the implementation of sound risk management processes
  • Develop, implement, and analyze reports to identify excessive risk areas, ensuring the effectiveness of risk mitigation efforts involving third parties
  • Facilitate the dissemination of operational risk management best practices, raising awareness of resilience and third risk-party among all staff
  • Assist risk management team leaders in staff development, fostering a high level of competence and morale in operational risk management
What we offer
What we offer
  • Global Benefits
  • support your well-being, growth and work-life balance
  • Fulltime
Read More
Arrow Right

Operational Risk Senior Analyst

In this role, you will be part of a team of Third-Party Risk Management professi...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
thecignagroup.com Logo
The Cigna Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong written and verbal communication skills with the ability to interact with all levels of the organization
  • Strong interpersonal/relationship management skills
  • Strong time and project management skills
  • Knowledge of third-party risk management, due diligence, and KYS (Know your Supplier) concepts, TPRM best practices and related industry best practices
  • Ability to compile reports, summaries, and presentations to communicate findings to key stakeholders within the business
  • Strong analytical abilities and critical thinking skills
  • Experience working with Ariba, Icertis and ProcessUnity ideal
  • 3-5 Years of relevant experience
  • Third Party Risk experience within indirect procurement
  • Experience with procurement and third-party risk in an onshore/offshore model
Job Responsibility
Job Responsibility
  • Conduct thorough risk assessments of third-party vendors to identify potential compliance, financial and operational risks
  • Conduct timely executions of Inherent Risk Questionnaires (IRQs) to evaluate risk and controls of third-party suppliers
  • Utilize GRC tools, Process Unity & Service Now, to execute risk assessments of CIGNA's indirect third parties in accord with program standards
  • Ensure data validation and quality assurance process is in place for continuous validation of third-party records
  • Maintain accurate and organized records of all third-party risk management activities
  • Create and maintain comprehensive risk management reports for company leadership
  • Maintain awareness of industry best practices and strategic approaches in risk analysis processes and functions
  • Support TPRM leadership with additional risk management program activities
  • Support continuous process improvement in all aspects of the TPRM and procurement processes
  • liaise with the GPTPMS Center of excellence organization in the US to ensure alignment with process, best practices, and talent strategy
  • Fulltime
Read More
Arrow Right