1

Third Party Risk Analyst Jobs in Quebec (NOW HIRING)

We are seeking a highly skilled Senior Analyst - Technology Risk Management & Third-Party Risk Management (TPRM) to support and strengthen our tech risk program. This role will work closely with the ...

The Analyst independently leads risk assessments and partners closely with IT, OT, audit, andsenior ... Perform cybersecurity risk assessments across IT, OT, cloud, and third-party environments ...

The Analyst independently leads risk assessments and partners closely with IT, OT, audit, andsenior ... Perform cybersecurity risk assessments across IT, OT, cloud, and third-party environments ...

The Analyst independently leads risk assessments and partners closely with IT, OT, audit, andsenior ... Perform cybersecurity risk assessments across IT, OT, cloud, and third-party environments ...

The Analyst independently leads risk assessments and partners closely with IT, OT, audit, andsenior ... Perform cybersecurity risk assessments across IT, OT, cloud, and third-party environments ...

Lead vendor selection and negotiations for third-party risk intelligence tools, behavioral analytics, and identity verification partners. Tooling & Enablement * Collaborate with Risk Operations to ...

General Information Press space or enter keys to toggle section visibility Job Location * Montreal, QC Date Published 05-Dec-2025 Department Qualifications & Proposals Employment Type Permanent ...

next page

Showing results 1-20

Third Party Risk Analyst information

See Quebec salary details

$10

$45

$71

How much do third party risk analyst jobs pay per hour?

As of Jul 11, 2026, the average hourly pay for third party risk analyst in Quebec is $45.52, according to ZipRecruiter salary data. Most workers in this role earn between $35.82 and $53.61 per hour, depending on experience, location, and employer.

How does a Third Party Risk Analyst typically collaborate with other departments to manage vendor risks?

A Third Party Risk Analyst works closely with departments such as procurement, legal, IT security, and compliance to assess and mitigate potential risks posed by vendors and service providers. Collaboration often involves reviewing contracts, conducting risk assessments, and ensuring vendors meet the organization's security and compliance requirements. Regular communication and joint meetings are common to align on risk standards and address any emerging concerns. This cross-functional teamwork ensures a comprehensive approach to managing third-party risks and maintaining regulatory compliance.

What is the difference between Third Party Risk Analyst vs Vendor Risk Analyst?

AspectThird Party Risk AnalystVendor Risk Analyst
CertificationsCertifications like CRISC, CISA often preferredSimilar certifications, often the same as Third Party Risk Analyst
Work EnvironmentFinancial institutions, corporations managing third-party relationshipsOrganizations assessing vendor security, compliance, and performance
Industry UsageCommon in finance, healthcare, and tech sectorsPrimarily in procurement, supply chain, and IT sectors

The main difference is that a Third Party Risk Analyst focuses on assessing risks associated with all third-party relationships, including vendors, partners, and service providers. A Vendor Risk Analyst specifically concentrates on evaluating risks posed by vendors and suppliers. While their roles overlap, the Third Party Risk Analyst has a broader scope, often handling multiple types of third-party relationships within various industries.

Is a grc analyst a good entry-level job?

A third-party risk analyst is often considered an entry-level role in risk management and compliance, suitable for individuals with strong analytical skills and knowledge of regulations like GDPR or HIPAA. The position typically involves assessing vendor risks, using tools like GRC software, and may require certifications such as CRISC or CISA. It provides a foundation for career growth in cybersecurity, compliance, or risk management fields.

How much does a third-party risk analyst make?

A third-party risk analyst typically earns between $60,000 and $100,000 annually, depending on experience, location, and industry. Entry-level positions may start lower, while experienced analysts with certifications like CRISC or CISSP can earn higher salaries.

Is third-party risk management a good career?

Third-party risk management is a growing field within risk analysis and compliance, focusing on assessing and mitigating risks from external vendors and partners. It requires skills in risk assessment, regulatory knowledge, and often involves using tools like risk management software. The role offers opportunities for career advancement in industries such as finance, healthcare, and technology.

What does a third-party risk analyst do?

A third-party risk analyst evaluates the risks associated with an organization’s external vendors, suppliers, and partners. They assess third-party security, compliance, and operational risks using tools like risk management software and often require knowledge of industry standards and certifications. Their goal is to ensure that external relationships do not compromise the organization’s security or compliance posture.

What are the key skills and qualifications needed to thrive as a Third Party Risk Analyst, and why are they important?

To thrive as a Third Party Risk Analyst, you need a solid understanding of risk management principles, vendor assessment processes, and compliance regulations, often supported by a degree in business, finance, or information security. Familiarity with risk assessment tools, GRC (Governance, Risk, and Compliance) platforms, and certifications like CTPRA or CRISC is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills set exceptional analysts apart in this field. These competencies are crucial for identifying and mitigating vendor risks, ensuring organizational compliance, and safeguarding sensitive data.
What are popular job titles related to Third Party Risk Analyst jobs in Quebec? For Third Party Risk Analyst jobs in Quebec, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Analyst jobs in Quebec look for? The top searched job categories for Third Party Risk Analyst jobs in Quebec are:
Infographic showing various Third Party Risk Analyst job openings in Quebec as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 7% Part Time, 1% Temporary, and 4% Contract. Highlights an 81% Physical, 5% Hybrid, and 14% Remote job distribution, with an average salary of $94,683 per year, or $45.5 per hour.

SENIOR ANALYST, THIRD PARTY RISK MANAGEMENT (12-MONTH TEMPORARY POSITION)

Business Development Bank of Canada

Montreal, QC • Hybrid

Full-time

Medical, Retirement, PTO

Re-posted 7 days ago


Job description

We are banking at another level.

Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to fuel the success of Canadian entrepreneurs.

Choosing BDC as your employer also means:

  • Flexible and competitive benefits, including an Employee Savings and Investment Plan where BDC matches part of your voluntary contributions, a Defined Benefit Pension Plan, a $750 wellness and health care spending account, to name a few

  • In addition to paid vacation each year, five personal days, sick days as necessary, and our offices are closed from December 25 to January 1

  • A hybrid work model that truly balances work and personal life

  • Opportunities for learning, training and development, and much more...

Explore the BDC Way in our Culture Book


Please take note that this role is temporary for 12 months.


POSITION OVERVIEW


At BDC, the Operational Risk Management (ORM) team plays a key role in strengthening sound risk management practices across the organization. As third party risks continue to evolve in complexity and importance, the team works closely with business and Corporate Functions partners to promote effective risk management and operational resilience.

We are seeking a Senior Analyst, Third Party Risk Management (TPRM) to join our 2nd line ORM team. In this role, you will contribute to the implementation, oversight, and continuous improvement of BDC's TPRM framework. You will support both program execution and risk oversight activities, while partnering with stakeholders across the organization to strengthen third party risk management throughout the lifecycle.

This is an exciting opportunity for a risk professional who enjoys working in a collaborative environment, influencing stakeholders, and contributing to a high impact risk program.


KEY RESPONSIBILITIES


  • Support the implementation, execution, and ongoing enhancement of BDC's Third Party Risk Management framework, methodologies, and tools
  • Work closely with Corporate Functions stakeholders to drive the completion of third party risk assessments
  • Assess and challenge third party risks arising from evolving technologies and business models, including data usage, integrations, and dependency risks.
  • Act as a key partner to the first line of defense by providing guidance on third party risk requirements, assessment processes, control expectations, and remediation activities.
  • undefined
  • Review and challenge third party risk assessments, control evaluations, and mitigation plans.
  • Monitor third party risk issues, action plans, and remediation activities, and support escalation where appropriate.
  • Support governance activities and collaborate with stakeholders across business lines and control functions, including Procurement, Technology, Cybersecurity, Legal, and Compliance.
  • Contribute to process improvement, training, and communication initiatives that strengthen risk ownership and program maturity.

WHAT WE ARE LOOKING FOR


  • Bachelor's degree in Commerce, Finance, Business Administration, Risk Management, or a related discipline.
  • Relevant experience in operational risk management, third-party risk management, procurement risk, compliance, audit, or internal controls.
  • 5 to 10 years of relevant experience.
  • Solid understanding of operational risk management principles and risk assessment practices.
  • Strong knowledge of the third party lifecycle, including due diligence, ongoing monitoring, issue management, and remediation.
  • Knowledge of Canadian banking operations and regulatory expectations, including OSFI B-10, is an asset.
  • Knowledge of procurement processes and lifecycle management is an asset.
  • Ability to think critically and apply risk judgment in complex or non-standard scenarios, beyond established frameworks.
  • Strong analytical, reporting, and problem-solving skills.
  • Strong communication and stakeholder management skills, with the ability to collaborate effectively across functions.
  • Ability to produce and communicate polished and crisp reports, analyses, and presentations
  • Ability to work under pressure, to manage multiple priorities and projects, and to meet tight deadlines in a fast paced environment
  • Proficiency in Microsoft Office; Excel and Power BI is an asset.

Please note that temporary employees are not eligible for benefits.


Proudly one of Canada's Top 100 Employers and one of Canada's Best Diversity Employers, we are committed to fostering a diverse, equitable, inclusive and accessible environment where all employees can thrive and feel empowered to bring their whole selves to work. If you require an accommodation to complete your application, please do not hesitate to contact us at accessibility@bdc.ca.

While we appreciate all applications, we advise that only the candidates selected to participate in the recruitment process will be contacted.