Company Contact Info
- Austin, TX
Security Risk Analyst/ Third Party Risk Management
Posted 3 days ago
Description: The Security Risk Analyst supports the activities of the Third-Party Risk Management program and is responsible for implementing and executing VRM (Vendor Risk Management). The goal is to ensure business owners understand and engage with the SRM process, and monitor their respective suppliers' strategic fit, risk management controls, data security, potential changes, compliance with regulatory requirements, and alignment of priorities.
The analyst must identify and communicate to the business the risks associated with supplier-provided processes and services in support of operations, ranging from low-risk to critical suppliers.
- Support the Third Party Risk Management (TPRM) Program to effectively manage supplier risk in accordance with internal policy and regulatory requirements
- Ensure strong oversight of all supplier risks and provide visibility of existing and emerging risks.
- Perform initial and periodic risk assessments, and other necessary reviews, to identify, measure and manage third party risks.
- Effectively utilize available evidence to perform risk assessments.
- Identify, categorize and evaluate potential or current service providers as "critical" or "non-critical", using a "Risk-Based Standard".
- Based upon risk classification, complete analysis of risk factors for suppliers (including any subcontractors with access to data) and ensure the respective business owners are monitoring, reviewing, and mitigating risk associated with service providers using risk factors identified in pertinent standards; for example: Regulatory Compliance, Legal, Financial Stability, Reputation, Operational, Business Continuity/Disaster Recovery, and Information Security.
- Provide dedicated support, integrated with the Procurement system, to the onboarding and oversight of all new and existing third-party supplier relationships.
- Act as a subject matter expert to assist the business in identifying and mitigating risks on their supplier relationships.
- Minimum 4 year degree in an Information Technology discipline
- 3+ years of experience in 3rd party security assessment/management
- Some experience with information security
- Third-party Service provider relationship management
- Knowledge of Cloud Service Providers
- Demonstrated experience with controls-based information security frameworks (e.g., ISO 27001, NIST CSF, etc.)
- Proven Project Management experience
- Analytical and conceptual thinking - using logic and reason, creative and strategic
- Attention to detail, consistency, dependability.
- Communication skills - interpersonal, presentation, verbal clarity, and written.
- Influencing and negotiation skills