Manager, Vendor Risk
CPP Investment Board
Toronto, Canada
4d ago

Company Description

Make an impact at a global and dynamic investment organization

When you invest your career in CPP Investments, you join one of the most respected and fastest growing institutional investors in the world.

With current assets under management valued in excess of $500 billion, CPP Investments is a professional investment management organization that globally invests the funds of the Canada Pension Plan (CPP) to help ensure long-term sustainability.

The CPP Fund is projected to reach $3 trillion by 2050. CPP Investments invests in all major asset classes, including public equity, private equity, real estate, infrastructure and fixed-income instruments, and is headquartered in Toronto with offices in Hong Kong, London, Luxembourg, Mumbai, New York City, San Francisco, São Paulo and Sydney.

CPP Investments attracts and selects high-calibre individuals from top-tier institutions around the globe. Join our team and look forward to :

  • Diverse and inspiring colleagues and approachable leaders
  • Stimulating work in a fast-paced, intellectually challenging environment
  • Accelerated exposure and responsibility
  • Global career development opportunities
  • Being motivated every day by CPP Investments’ important social purpose and unshakable principles
  • A deeply rooted culture of Integrity, Partnership and High Performance
  • If you share a passion for performance, value a collegial and collaborative culture, and approach everything with the highest integrity, here’s an opportunity for you to invest your career at CPP Investments.

    Job Description

    The work of our Technology and Data (T&D) Risk team is essential to the organization. We are looking for someone who can define and manage the full lifecycle of third-party risk, from pre-contract assessment to ongoing monitoring and off-boarding activities.

    The Manager, Vendor Risk role is part of the Information Security & Risk Management group and reports to the Managing Director, T&D Risk.

    This position plays a key part in defining the group’s supply chain risk and enabling decision making to enhance resiliency and operational effectiveness.


  • Design and implement a common and consistent Vendor Risk Management (VRM) program to effectively manage vendor risk in accordance with internal risk approach and requirements.
  • Partner with the Procurement and Business Management Office (BMO) functions in vendor selection and contracting efforts and reassess the risks associated with a vendor relationship prior to the renewal of contract agreements.
  • Conduct periodic business reviews and ongoing monitoring across the vendor portfolio; highlight vendor risks and the actions planned to address inadequate controls to management.
  • Lead assessment of vendor risk through pre-contract due diligence, develop mitigation plans and partner with internal stakeholders to monitor vendors.
  • Partner with legal to define contractual terms to be included in contracts, and provide expert opinion on negotiations around contractual terms
  • Respond to vendor risk issues (e.g. data loss incidents, non-compliance with policies and procedures, etc.)
  • Develop and execute plan to implementation the vendor risk management lifecycle requirements throughout the organisation.
  • Define and monitor metrics for vendor risk and operational oversight and compliance
  • Build strong relationships including partnership with T&D / Business Unit SMEs, Enterprise Risk, Procurement and Audit to ensure a wholistic view of controls
  • Support ad-hoc projects and initiatives as required to support the evolving needs of CPP Investments Information Security and Risk Management
  • Qualifications

  • Undergraduate degree, preferably in Technology / business or related discipline;
  • Knowledge of governance, risk and compliance frameworks such as ITIL, NIST, etc.
  • Minimum 6 years of progressive experience managing technology and data vendors at complex financial institutions or investment companies;
  • Ability to evaluate the security risk profiles of vendors and conduct appropriate risk assessments of proposed vendor solutions and platforms during onboarding.
  • Experience in developing and communicating technology strategies and roadmaps with technical and non-technical stakeholders
  • Excellent interpersonal skills with ability to work individually as well as in a team environment
  • Commitment to CPP Investments’ guiding principles of integrity, partnership and high performance.
  • Proven ability to influence and manage within an indirect reporting structure
  • Proven ability to deal with ambiguity and manage change
  • Proven critical thinking and problem-solving capabilities
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form