We have other current jobs related to this field that you can find below

  • AVP Third Party Risk

    4 weeks ago

    New York, United States Broadgate Full time

    What You’ll Do • Support the Maturity of the Third-Party Risk Management Program by providing recommendations and helping to provide strategy deliverables. • Be open to change and provide leadership by leading TPRM staff across the enterprise to welcome/accept change. • Provide periodic reports to management and stakeholders. • Manage vendor...

  • Third Party Risk Management Specialist

    3 weeks ago

    New York, United States BBVA Full time

    PURPOSE OF POSITIONVendor Oversight unit is responsible for assisting in Third Party Risk Management for BBVA US CIB. Central to its purpose is making sure that third party risk across the enterprise is appropriately identified, assessed, understood, documented and incorporated into management routines as appropriate. The unit also assists Third Party Risk...

  • Third Party Risk Management Specialist

    3 weeks ago

    New York, United States BBVA Full time

    PURPOSE OF POSITIONVendor Oversight unit is responsible for assisting in Third Party Risk Management for BBVA US CIB. Central to its purpose is making sure that third party risk across the enterprise is appropriately identified, assessed, understood, documented and incorporated into management routines as appropriate. The unit also assists Third Party Risk...

  • Third Party Risk Management Specialist

    2 weeks ago

    New York, United States Phyton Talent Advisors Full time

    Our Client, a Global Investment Bank is seeking a Third Party Risk Management Specialist in their New York, NY location.Responsibilities Conducts third party service due diligence & risk assessments.Partners with business units, operations, technology, risk management and other stakeholders to understand the business environment, evolving business...

  • Third Party Risk Management Specialist

    2 weeks ago

    New York, United States Phyton Talent Advisors Full time

    Our Client, a Global Investment Bank is seeking a Third Party Risk Management Specialist in their New York, NY location.Responsibilities Conducts third party service due diligence & risk assessments.Partners with business units, operations, technology, risk management and other stakeholders to understand the business environment, evolving business...

  • Director - Third Party Risk Management

    2 weeks ago

    New York, United States Broadgate Full time

    Job ResponsibilitiesStrategy Development:• Develop a comprehensive strategy for continuous monitoring of third and fourthparty relationships.• Define goals, objectives, and key performance indicators (KPIs) to measure the effectiveness of the monitoring program.• Stay abreast of industry trends, regulatory requirements, and emerging threats to...

  • Third Party Cyber Risk Assessor

    2 months ago

    New York, United States UBS Full time

    Your role Are you keen on working in world class Cyber Security Operations Center for one of the best Swiss private banks? Do you have related experience and are willing to take it further by learning how to defend an enterprise against cyber-attacks? Do you have the right attitude and are eager to join a multinational team of Cyber Security professionals?...

  • Third Party Cyber Risk Assessor

    3 weeks ago

    New York, United States UBS Full time

    Your role Are you keen on working in world class Cyber Security Operations Center for one of the best Swiss private banks? Do you have related experience and are willing to take it further by learning how to defend an enterprise against cyber-attacks? Do you have the right attitude and are eager to join a multinational team of Cyber Security professionals?...

  • Manager, Internal Controls, Third Party Risk

    1 month ago

    New York, New York, United States Scotiabank Full time

    Requisition ID:97058Join the Global Community of Scotiabankers to help customers become better off. In this role, you will contributes to the overall success of Internal Controls and Third Party Risk within the United States ensuring specific individual goals, plans, and initiatives are executed / delivered in support of the business s strategies and...

  • Compliance Third-Party Risk Management Program Manager

    7 days ago

    New York, United States Block Full time

    Job DescriptionThe Compliance Governance and Reporting (CGR) team manages important components of Block’s Compliance Risk Management Framework and is part of Global Policy and Governance (GPG) within Block Compliance.  The CGR team has responsibility for the following: Policy Governance, Risk Assessment, Compliance Training, Compliance Risk Assessments,...

  • Compliance Third-Party Risk Management Program Manager

    1 month ago

    New York, United States Block Full time

    Job DescriptionThe Compliance Governance and Reporting (CGR) team manages important components of Block’s Compliance Risk Management Framework and is part of Global Policy and Governance (GPG) within Block Compliance.  The CGR team has responsibility for the following: Policy Governance, Risk Assessment, Compliance Training, Compliance Risk Assessments,...

  • Compliance Third-Party Risk Management Program Manager

    4 weeks ago

    New York, United States Block Full time

    Job DescriptionJob DescriptionCompany DescriptionBlock is one company built from many blocks, all united by the same purpose of economic empowerment. The blocks that form our foundational teams — People, Finance, Counsel, Hardware, Information Security, Platform Infrastructure Engineering, and more — provide support and guidance at the corporate level....

  • Third-Party Vendor Approvals Auditor

    2 months ago

    New York, United States Vista Global Full time

    Job Profile Vista is a fast-growing private aviation business, operating the world’s largest wholly owned large cabin private jet fleet, embracing the highest levels of service, safety, security, reliability, and value. Providing exceptional and unparalleled standards of quality, style, and service. Our employees are regarded as our greatest...

  • Third Party Software Administrator 3

    2 weeks ago

    New York, United States B&H Photo-Video-Pro Audio Full time

    At over 50 years old and counting, B&H has built a reputation as the trusted resource for photography and videography enthusiasts via its NYC SuperStore and its award-winning website. Long known as "The Professional's Source", B&H is recognized by savvy consumers worldwide for its honest, knowledgeable guidance, expert tips and articlesand always-great...

  • Third Party Software Administrator 3

    2 weeks ago

    New York, New York, United States B&H Photo-Video-Pro Audio Full time

    At over 50 years old and counting, B&H has built a reputation as the trusted resource for photography and videography enthusiasts via its NYC SuperStore and its award-winning website. Long known as "The Professional's Source", B&H is recognized by savvy consumers worldwide for its honest, knowledgeable guidance, expert tips and articlesand always-great...

  • Vendor Risk Consultant

    4 weeks ago

    New York, New York, United States Michael Page Full time

    Client will move quickly qualified candidatesHybrid work model About Our Client One of the largest and most established foreign banking institutions in NYC. Job DescriptionSupport TPRM metrics and reporting, providing insights into third-party activities and performance for business unit executives and management committees.Coordinate team efforts to ensure...

  • Vendor Risk Consultant

    4 weeks ago

    New York, United States Michael Page Full time

    Client will move quickly qualified candidatesHybrid work model About Our Client One of the largest and most established foreign banking institutions in NYC. Job DescriptionSupport TPRM metrics and reporting, providing insights into third-party activities and performance for business unit executives and management committees.Coordinate team efforts to ensure...

  • Head of TPRM Governance, Risk

    2 months ago

    New York, New York, United States XL Group Full time

    Head of TPRM Governance, Risk & ControlsUK - London, France - Paris, USA - Harford or Stamford, India Gurgaon The objective of Third Party Risk Management (TPRM) at AXA XL is to establish a set of integrated TPRM capabilities that instils appropriate risk management principles allowing AXA XL to holistically and proactively identify, assess, monitor, and...

  • Enterprise Risk Management Analyst

    18 hours ago

    New York, United States Insight Global Full time

    Insight Global is seeking an Enterprise Risk Management Senior Analyst for one of our clients in Rochester, NY who is a not-for-profit financial institution. This will be a direct hire opportunity, with the option to work in a hybrid remote environment. As the Senior Analyst for Enterprise Risk, you will be responsible for working with key stakeholders at...

  • Enterprise Risk Management Analyst

    1 week ago

    New York, United States Insight Global Full time

    Insight Global is seeking an Enterprise Risk Management Senior Analyst for one of our clients in Rochester, NY who is a not-for-profit financial institution. This will be a direct hire opportunity, with the option to work in a hybrid remote environment. As the Senior Analyst for Enterprise Risk, you will be responsible for working with key stakeholders at...

Third Party Risk

2 months ago

New York, United States TEKsystems Full time
Job DescriptionJob Description

Top Skills' Details

* Knowledgeable in multiple areas of technology, with hands-on experience and technical expertise across all Information Security domains
* Experienced with local, national, and international financial services and privacy regulations, such as GLBA, NYDFS, GDPR, CCPA, etc. and credit card industry standards, such as PCI-DSS.
* An agile thinker, passionate and energetic; highly collaborative, possessing strong cultural awareness
* Fantastic written and verbal communication skills

 

Job Description

In this role, the candidate will work closely with General Counsel Organization, Third Party Lifecycle Management, Global Procurement, and Global Business Units to ensure third parties adhere to security requirements.

The candidate will participate in and represent Information Security and IT Risk during contract negotiations relevant to third party cybersecurity oversight and will develop and maintain cybersecurity requirements for third parties.

Primary Responsibilities

* Provide Information Security subject matter expertise to General Counsel Organization, Third Party Lifecycle Management, Global Procurement, and Global Business Units organizations for the inclusion of Information Security and IT Risk requirements into third party supplier and non-supplier contracts

* Negotiate cybersecurity contractual addendums, riders, etc. directly with third party account managers, attorneys, and information security staff; effectively communicate  requirements to technical and non-technical representatives of third parties

* Facilitate alignment across internal and external third party stakeholders

* Evaluate criticality of issues and advise internal stakeholders with a risk-based approach and an understanding of Business objectives

Additional Responsibilities

* Provide feedback to leadership, including regular reporting and metrics, in order to assist with the governance and overall growth of the third party security program

* Provide guidance during risk acceptance process relating to third parties

* Understand cybersecurity and regulatory issues specific to the third party landscape by connecting with peers, experts, standards organizations, and industry forums

* Provide training, including the development of training materials, to internal stakeholders

* Partner with internal stakeholders to develop, improve, and document processes

* Assist with and participate in third party cyber incident response and outreach activity as needed

Qualifications

* 7-10 years of experience, in positions of increasing responsibility, in Information Security risk assessments, cyber security operations, threat and vulnerability management, security architecture, or cyber security incident response

* Prior experience with contract negotiation

* Ability to effectively communicate and articulate Information Security risks

* Understanding of what information or assets are of value to threat actors and how organizations and data are breached, including through relationships with external third parties

* Strong familiarity with industry standards and control frameworks, risk assessment frameworks, security assurance auditing standards, best practices guidelines, such as ISO27001, NIST CSF, FAIR, SSAE16/18, CSA, CIS Top 20, OWASP Top 10, etc.

* Understanding of and experience with modern security controls, technologies, and procedures, including: vulnerability scanning, penetration testing, encryption, endpoint and anti-malware protection, network security, DLP systems, logging systems, physical security systems etc.

* Strong familiarity with cloud based services, architectures, and underlying management frameworks

* Familiar with network architectures and data exchange protocols, such as API usage, secure file transfers, etc.

* Familiar with cyber resiliency, disaster recovery, and business continuity concepts

* Basic understanding of cyber incident response, investigation, and forensic analysis

* Must have excellent verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.

* Must possess the ability to multitask, prioritize, and manage time effectively

* Must be able to pay strong attention to detail

* Bachelor's degree in Cybersecurity, Computer Science or Information Systems, or equivalent combination of education and experience preferred

* CISSP, CISM or similar certifications preferred

***NOTE: some off-hours work may be required depending on candidate time zone.