Skip to main content

This job has expired

Principal, Third-Party Risk Management Analyst

Employer
Request Technology
Location
Florida
Salary
130000.00 - 140000.00 USD Annual + bonus
Closing date
9 Feb 2023

View more

Employer Sector
Technology, ICT & Telecoms
Contract Type
Permanent
Hours
Full Time
Travel
None
Job Type
Risk Management

Principal, Third-Party Risk Management Analyst

Salary: $130k-$140k + bonus

Location: Primarily remote with travel to office on occasion

Must live within 2 hour driving distance to either Dallas, TX or Miramar, FL

*We are unable to provide sponsorship for this role*

Qualifications

  • 8+ years of professional Information Technology/Security experience that includes Third-Party Risk Management, IT Risk Management, cybersecurity, and governance, risk, and compliance (GRC).
  • Bachelor's degree in computer science, information security, information assurance, or related field; or equivalent professional work experience
  • Extensive knowledge of IT Risk Management processes and best practices
  • Extensive knowledge of Third-Party Risk Management processes and best practices
  • Skilled at working with diverse teams and promoting enterprise-wide risk management rigor and a security-first culture
  • Proven project management, multitasking and organizational skills
  • Experience working with a variety of industry standards, including NIST Cyber Security framework (CSF), NIST 800-53, ISO 27001 & 27002, Cloud Security Alliance (CSA), OWASP, or CIS Benchmark
  • Knowledge of IT systems, network security, application security, identity & access management, vulnerability management, endpoint security, and cloud environments (AWS, Azure, Salesforce, etc.)

Responsibilities

Risk Management

  • Act as an Information Security Risk Management subject matter expert
  • Assist the Information Security Risk Manager in the development and maintenance of the risk hierarchy, risk taxonomy, and risk register.
  • Conduct regular risk assessments, documents issues, determines risk levels and coordinates with the appropriate subject matter experts to monitor the remediation of deficiencies
  • Monitor the established risks in the IT organization and reports on the effectiveness of related mitigating controls

Third Party Risk Management

  • Responsible for the engagement of all third-party relationships to ensure that adequate controls are in place to protect company data and information
  • Assist the Information Security Risk Manager in the development, growth, and maturity of the risk-based third-party assessment and continuous monitoring program within ServiceNow
  • Conduct annual vendor risk management reviews of existing third parties based on
  • established risk ratings
  • Review new third-party engagements, tracks issues to resolution, provides feedback on required security controls
  • Review SOC 2 Type 2 reports, vulnerability assessments, penetration test results and additional documentation as required

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert