Third Party Security Risk Management Specialist
Wealthsimple
Remote
Posted on Oct 29, 2025
Your career is an investment that grows over time!
Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing, opaque and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with over 4 million users who trust us with more than $80 billion in assets.
Our teams ship often and make an impact with groundbreaking ideas. We're looking for talented people who keep it simple and value collaboration and humility as we continue to create inclusive and high-performing teams where people can be inspired to do their best work.
About the Security Assurance Team
The Security Assurance team plays a critical role in adhering to security frameworks and creating space for risk mitigation and oversight. We want to ensure that Wealthsimple maintains a secure operational environment by implementing and monitoring controls designed to protect information, systems and infrastructure.
About the Third Party Risk Management Specialist Role
We aim to expand the Security Assurance team to strengthen our third-party risk management capabilities and enhance our vendor oversight program.
We are looking for a Third Party Risk Management Specialist with experience in vendor risk assessment, contract security reviews, and supply chain risk management. This role will be instrumental in operationalizing a comprehensive third-party risk management practice that aims to protect Wealthsimple and our clients while enabling business growth. You'll work closely with teams across Security, Legal, Procurement, Product, and Engineering to ensure proper due diligence and ongoing monitoring of our vendor ecosystem.
In this role, you'll have the opportunity to:
- Lead the development and implementation of a scalable third-party risk management program that aligns with business objectives and regulatory requirements
- Conduct comprehensive security risk assessments of vendors, suppliers, and business partners
- Collaborate with cross-functional teams to establish vendor onboarding/offboarding processes, security questionnaires, and risk rating methodologies
- Develop policies and procedures for vendor lifecycle management, from initial due diligence through ongoing monitoring and contract renewal
- Drive continuous monitoring initiatives through risk-based assessments, vendor audits, and remediation tracking
- Support procurement and legal teams with contract reviews, ensuring appropriate security and compliance clauses are included
- Contribute to incident response procedures related to third-party security events and vendor-related risks
- Build and maintain a centralized vendor risk registry and reporting dashboard for executive reporting
What you'll bring:
- 4-6 years of experience in third-party risk management, vendor risk assessment, or supply chain security (preferably in financial services or fintech)
- Working knowledge of Canadian regulatory requirements (PIPEDA, OSFI guidelines) and international frameworks (SOC 2, ISO 27001) with experience evaluating vendor compliance
- Proven ability to design and implement vendor risk management programs in complex, regulated environments
- Strong analytical and communication skills with ability to present risk findings and recommendations to stakeholders at all levels
- Experience with risk assessment methodologies, vendor questionnaires, and due diligence processes
- Familiarity with security frameworks and controls assessment (experience with GRC tools is a plus but not required)
- Self-directed professional who can manage multiple vendor assessments simultaneously and influence cross-functional stakeholders
- Relevant certifications preferred (CTPRP, CISA, CISSP, CRISC, or equivalent risk management credentials)
Why Wealthsimple?
🤑 Competitive salary with top-tier health benefits and life insurance
📈 Retirement savings matching plan using Wealthsimple for Business
🌴 20 vacation days per year and unlimited sick and mental health days
📚 Up to $1,500 per year towards wellness and professional development budgets respectively
🛫 90 days away program: Employees can work internationally in eligible countries for up to 90 days per calendar year
🌎 A wide variety of peer and company-led Employee Resource Groups (ie. Rainbow, Women of Wealthsimple, Black @ WS)
💖 Company-wide wellness days off scheduled throughout the year
We’re a remote-first team, with over 1,000 employees coast to coast in North America. Be a part of our Canadian success story and help shape the financial future of millions — join us!
Technology & Innovation at Wealthsimple
We believe the future belongs to those who innovate boldly. At Wealthsimple, every team member is expected to lean into new technologies, including AI, and tooling to rethink how we work, solve problems faster, and create even greater value. We're looking for people who are not just comfortable with change but energized by it. Our commitment is to build a company that evolves at the pace of the world around us, and we want you to help lead that future.
DEI Statement
At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status.
Accessibility Statement
Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know, and we will work with you to provide the necessary support and make reasonable accommodations to facilitate your participation. We are continuously working to improve our accessibility practices and welcome any feedback or suggestions on how we can better accommodate candidates with accessibility needs.