Sign up for our
weekly
newsletter
of fresh jobs
Advance your career with Mindlance! We have been connecting talented IT professionals with world-class companies since 1999. Mindlance is here to help you to find the perfect fit with just the right company. Currently, we are seeking a Third-Party Risk Analyst for an exciting career growth Opportunity.Make your next big career move with the kind of position that will allow you to be genuinely passionate about the work you do! Our recruiters will work closely with you to help you get the edge over the competition. Let Mindlance advocate for you – apply today!Responsibilities:• The Information Protection Sr. Advisor within the Third Party Cyber Risk Management (TPCRM) is responsible for providing guidance to the TPCRM program on Cyber Security decisions and consultation that has significant impact on strategic planning and the overall day-to-day third-party outsourcing risk by collaborating within a highly matrixed environment with multiple key stakeholders.• This role will work closely with the TPCRM leadership and external/internal entities to solve unique and complex problems related to information protection that have broad impact on the business.• The role works with the business and IT to anticipate external/internal outsourcing challenges and and/or regulatory issues, and recommends process, technical security design or service improvements.• Act as a lead SME for TPCRM and is a recognized Information Protection expert and thought leader by both internal/external community and is responsible for technical leadership for TPCRM outsourcing servicesSkills:• Understand the overall Third-Party landscape and accompany strategy and provide overall technical guidance to the, acting as conduit between client Information Protection, Technology and the business• Common third party risk industry standard, regulations, and regulators (e.g. FFIEC, OCC, FRB, GDPR, HIPAA / HITECH, HKMA, PRA, APRA, JFSA, RBI, BaFin, CFPB, SEC etc.), especially as it relates to building a program and/or managing internal controls, risk assessments, business process or operational auditing; and,• Principles and industry leading practices in Risk Assessment skills, Audit background, including familiarity with SOC I (SSAE16) and SOC II, ISO 27001, etc• Lead development and implementation of Information Protection technical design, patterns, process and service improvements to business driven outsourcing intiatives• Perform ongoing vendor cyber security risk assessments to review complex technology and business risks related to vendors security controls/posture and determine acceptance to company framework of controls• Liaise with key functional teams such as Technology, Legal, Privacy, BCP, Information Protection and relevant business stakeholders to perform third party security reviews on their new and existing vendors and identify risks that require remediation• Perform comprehensive vendor security assessment, identify risk, determine appropriate risk levels, document risk in Archer GRC and recommend“Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”