💡 Polecam: Zobacz również podobne oferty pracy, z których na pewno coś wybierzesz.
Cyber Analyst third-party risk assessments
This role is responsible for executing supplier assessments supporting company’s global Cybersecurity Supplier IT Risk Management (SITRM) Program.
KEY DUTIES AND RESPONSIBILITIES
• Execute security risk assessment and analysis of suppliers across all stages of the supplier lifecycle and partner with global vendor management teams, technology, and business functions to educate and communicate cyber risk• Support implementation and operation of program enhancement efforts including assessment process and technical requirements. Train team members and stakeholders on updated program and processes changes
• Prepare and communicate monthly program metrics and reporting to appropriate program lead
• Provide input on third party security controls, exceptions, and remediation plans to continuously improve assessment process to reduce cyber risk
WHAT YOU’LL NEED TO SUCCEED
• 4 or more years of experience in IT audit, supplier IT risk, vendor, or third-party security risk management
• Bachelor’s Degree in Information Technology, Information Systems, Computer Science or a related technical field of study. Related experience may be considered in lieu of required education
• Working experience with third party security assessment and management tools (Archer preferred)
• Working experience in third party security risk assessment methodologies and industry frameworks
• Knowledge of Shared Assessment Third-Party Risk Management practices and questionnaires
• Solid experience in application, network, and cloud security domains and assessments
• Certifications: Certified Information on Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Shared Assessments Certified Third Party Risk Professional (CTPRP) or Certified Third Party Risk Assessor (CTPRA), Information Systems Security Architecture Professional (ISSAP), or Information Systems Security Engineering Professional (ISSEP)
• Strong critical thinking and planning skills
• Experience in large enterprise environments
• Strong verbal and written communication, negotiation, analytical, time management, organizational, and relationship management skills• Comfortable dealing with ambiguity, making decisions with sub-optimal/incomplete information
• Ability to analyze and challenge current working methods to create improvements in processes and result
• Experience working with cross functional teams
• Ability to work independently within a geographically dispersed team
• Understand and comply with all applicable company policies
• Bachelor’s Degree in Information Technology, Information Systems, Computer Science or a related technical field of study. Related experience may be considered in lieu of required education
• Working experience with third party security assessment and management tools (Archer preferred)
• Working experience in third party security risk assessment methodologies and industry frameworks
• Knowledge of Shared Assessment Third-Party Risk Management practices and questionnaires
• Solid experience in application, network, and cloud security domains and assessments
• Certifications: Certified Information on Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Shared Assessments Certified Third Party Risk Professional (CTPRP) or Certified Third Party Risk Assessor (CTPRA), Information Systems Security Architecture Professional (ISSAP), or Information Systems Security Engineering Professional (ISSEP)
• Strong critical thinking and planning skills
• Experience in large enterprise environments
• Strong verbal and written communication, negotiation, analytical, time management, organizational, and relationship management skills• Comfortable dealing with ambiguity, making decisions with sub-optimal/incomplete information
• Ability to analyze and challenge current working methods to create improvements in processes and result
• Experience working with cross functional teams
• Ability to work independently within a geographically dispersed team
• Understand and comply with all applicable company policies
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Hays Poland sp. z o. o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.
-
Dlaczego szukać pracy na HitPraca.pl?
Subskrybuj oferty pracy
Codziennie nowe oferty pracy Możesz wybierać z bardzo szerokiej gamy ofert pracy - naszym celem jest posiadanie jak najszerszej oferty pracy Otrzymuj nowe oferty e-mailem Bądź pierwszym, który odpowie na nowe oferty pracy Wszystkie oferty pracy w jednym miejscu (od pracodawców, agencji pośrednictwa pracy i innych portali) Wszystkie usługi dla kandydatów do pracy są bezpłatne Pomożemy Ci znaleźć nową pracę