Senior IT Contract Reviewer – Cyber

Job Description

Senior IT Contract Reviewer – Cyber & Security Clauses



Exciting 1-year hybrid opportunity in Toronto for an experienced contract management professional within the insurance industry. Contribute to enterprise-level IT risk governance, review complex vendor contracts, and collaborate with Legal, Procurement, and Compliance teams. Strategic role with strong influence on contract standards.



What is in it for you:




• Salaried: $42-50 per hour.


• Incorporated Business Rate: $52-60 per hour.


• 12-month contract.


• Full-time position: 37.50 hours per week.


• Weekday schedule from 8:30 am to 5 pm.


• In-office presence required from Tuesday to Thursday.


• Remote work available on Mondays and Fridays.



Responsibilities:

• Review contract clauses and language to determine compliance with corporate contract requirements.


• Support internal stakeholders and Legal by clearly outlining risks associated with suppliers.


• Initiate reviews of existing vendor contracts in collaboration with various business units.


• Respond to contract-related inquiries in a timely and accurate manner.


• Provide Procurement with support on contract clauses and exception handling.


• Offer guidance to Vendor Information Risk Management (VISM) and Vendor Governance Management (VGM) teams.


• Stay informed on evolving laws and regulatory requirements that impact contractual terms.


• Translate complex contractual and regulatory concepts into easily understood language for internal and external stakeholders.


• Independently manage timelines for contract negotiation and reviews.


• Collaborate with cross-functional teams including Legal, Risk, Compliance, and business stakeholders to meet business objectives



What you will need to succeed:




• Bachelor's degree in Business, Economics, or Finance.


• Experience in IT Risk, Third Party Risk Management and/or Procurement.


• Industry-recognized certification in IT, Third Party Risk, or Procurement is a plus.


• Law degree is considered an asset.


• IT contract-related experience and/or legal background.


• 5 years of experience reviewing third-party contracts or related experience in Third-Party Risk Management, specifically in IT/cybersecurity.


• Solid understanding of cybersecurity principles and the flow of sensitive data.


• Proficient in Microsoft Office tools including Word, Excel, PowerPoint, and Power BI.


• Experience using risk management tools such as Archer, ProcessUnity, and Ivalua.


• 3 years in progressive roles within Risk or Procurement.


• Knowledge of third-party risk management concepts and IT general controls.


• Familiarity with compliance frameworks such as NIST 800-53, NIST CSF, and ISO 27001.


• Understanding of OSFI B-10/13 and OCC regulatory requirements.


• Ability to interpret and assess vendor information security questionnaires.


• Strong critical thinking and problem-solving skills.


• Excellent communication and negotiation abilities.


• Organized and capable of prioritizing tasks based on impact and urgency.


• Able to work both independently and collaboratively.


• Skilled in managing multiple tasks in a fast-paced environment with shifting priorities.


• Strong presentation and facilitation capabilities.


• Demonstrated ability to influence across functions and build relationships with diverse teams.


• Adaptable to change and culturally aware.


• Experience working in complex, matrixed, or global organizations.



Why Recruit Action?



Recruit Action (agency permit: AP provides recruitment services through quality support and a personalized approach to job seekers and businesses. Only candidates who match hiring criteria will be contacted.



# MFCJP