About the role
Do you have a flavor to conduct risk assessments to identify and evaluate potential security threats posed by third parties and recommend risk mitigation strategies to minimize the organization’s risk exposure?
We are looking to hire experienced and seasoned professionals who have experience in the following:
- Conduct risk assessments of third-party vendors/suppliers/service providers to identify potential security threats and vulnerabilities
- Conduct cloud assessments and evaluate against the internal standards, applicable regulations, and industry best practices
- Conduct audits as part of risk assessments
- Analyze and evaluate vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
- Develop and implement risk mitigation strategies to address identified vulnerabilities and reduce the organization’s exposure to cyber threats
- Communicate assessment findings and recommendations to internal and external stakeholders, including senior management, legal, Procurement, and compliance teams
- Monitor and track third-party compliance with internal security policies and procedures through ongoing assessment activities and continuous monitoring
Your Team
You will be a highly skilled & seasoned TPRM professionals and conduct risk assessments on third parties. You will lead the efforts in ensuring adherence to internal and stakeholder SLAs, contributing to process improvements, recommending controls to reduce risk, recommending industry best practices, and cumulatively working towards improving the overall risk assessment process.
Expertise
- 7+ years of experience in conducting third-party risk assessments or cybersecurity assessments
- Cybersecurity audit experience/mindset
- Certifications such as Certified Third-Party Risk Professional (CTPRP) or Certified Information Systems Security Professional (CISSP) are a plus
- One of the following professional qualifications obtained: CEH, CISSP, CISA, CISM, CRISC, ISO 27001 LA
- Ability to communicate effectively with both technical and non-technical stakeholders
- Strong analytical and problem-solving skills
- Good team player with analytical ability to provide practical solutions for minimizing risk
Qualification
Bachelor’s degree with professional certification in Cybersecurity, Cloud Security or a related field of study
Job Type
Full Time