Job Specifications
We are looking for candidates with strong technical expertise to fill this role. Below are the details of the position:
Industry: IT
Job Title: Contracts Specialist
Mode of Job: Hybrid
Locations: Toronto
Contract: 12 Months
Overview
The Contract Specialist will support the Vendor Information Security Management (VISM) function by reviewing third-party contracts to ensure appropriate IT security, data protection, and risk controls are embedded. This role partners closely with internal stakeholders to interpret contract language, assess vendor risk, and recommend contractual clauses aligned with enterprise security and regulatory requirements.
The ideal candidate has strong experience reviewing, negotiating, and drafting IT contract clauses, particularly those related to cybersecurity and third-party risk. Success in this role requires sound judgment, strong relationship-building skills, and the ability to operate independently in a fast-paced environment.
Key Responsibilities
Review vendor contracts to ensure compliance with enterprise IT security and risk requirements
Identify, assess, and communicate contractual risks to internal stakeholders
Recommend and negotiate appropriate contract clauses based on vendor products and services
Support Legal and Procurement with contract language, exceptions, and risk positioning
Initiate and manage reviews of existing vendor contracts across business units
Respond to internal and external contract-related inquiries
Provide guidance to Vendor Information Security Management (VISM) and Vendor Governance Management (VGM) teams
Stay current on regulatory changes and evolving legal requirements impacting third-party contracts
Translate complex risk and security concepts into clear, actionable guidance
Collaborate with Legal, Compliance, Risk, Procurement, and Business partners to meet organizational objectives
Core Technical Skills
Required
5+ years of experience reviewing third-party contracts, with a strong focus on IT and cybersecurity requirements
Hands-on experience with IT contract clauses, vendor risk terms, and data protection language
Background in IT Risk, Third-Party Risk Management, Procurement, or Legal
Solid understanding of information security concepts and data flows
Experience supporting contract negotiations and risk discussions with vendors
Advanced proficiency in Microsoft Word and Excel
Experience using risk and procurement tools such as Archer, ProcessUnity, Ivalua, and Power BI
Preferred
3+ years in progressively responsible Risk or Procurement roles
Experience interpreting and applying industry security frameworks (e.g., NIST, ISO)
Familiarity with vendor information security assessments and questionnaires
Exposure to regulatory expectations governing third-party relationships
Nice to Have
Knowledge of NIST 800-53, NIST Cybersecurity Framework (CSF), ISO 27001
Understanding of regulatory guidance impacting vendor contracts (e.g., OSFI, OCC)
Experience drafting—not just reviewing—contractual language
Legal background or law degree
Soft Skills
Strong critical thinking, problem-solving, and escalation judgment
Excellent written and verbal communication and negotiation skills
Highly organized with the ability to prioritize competing deadlines
Comfortable working independently and collaboratively in cross-functional teams
Ability to manage multiple concurrent initiatives in a fast-paced environment
Strong stakeholder management and influencing skills
Confident presenting to senior leadership
Adaptable, proactive, and results-oriented mindset
Experience working within a global, matrixed organization
Education & Certifications
Bachelor’s degree in Business, Economics, Finance, or a related field
Law degree preferred but not required
Industry-recognized certifications in IT Risk, Third-Party Risk, Cybersecurity, or Procurement are a plus
Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.
Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit https://dexian.com/ to learn more.
Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status
Dexian | Unlock trajectory changing opportunities
Unlock business potential with Dexian's comprehensive solutions. Discover staffing, talent development, and valuable
About the Company
Dexian is a leading provider of staffing, IT, and workforce solutions with nearly 12,000 employees and 70 locations worldwide. As one of the largest IT and professional staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was launched in 2023 and created from the combination of DISYS, Signature Consultants, and other strategic acquisitions.
Dexian fuses the best elements of its legacy companies to create a platform that connects talent, technology, and organizations to produce game-chan...
Know more