IT Security Specialist (Third Party Cyber Risk Assessor)
Are you collaborative, resourceful and highly organized? Do you enjoy developing relationships with influential stakeholders? If yes, this could be your next opportunity!
Working with one of the top financial clients, this role calls for an IT Security Specialist (Third Party Cyber Risk Assessor) who will lead and execute third-party cyber risk assessments of client’s global suppliers. The assessor will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the client. The successful candidate may also participate in department initiatives of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
Responsibilities:
- Coordinate with key risk stakeholders to initiate, scope and plan third-party cyber risk assessments of new and existing suppliers of all risk levels.
- Lead or contribute to the completion of third-party cyber risk assessments at the business application, portfolio, or overall enterprise level.,
- Communicate the cyber risk assessment results to internal and external stakeholders.
- Coordinate with risk stakeholders to identify appropriate risk mitigation and remediation plans. Perform validation of the risk mitigation and remediation plans upon implementation.
- Complete assessments in accordance with internal procedures and standards, industry frameworks and best practices.
- Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
- Contribute to the definition, development, and oversight of a global third-party cybersecurity management strategy and framework.
- Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
- Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
- Influence behaviour to reduce risk and foster a strong technology risk management culture throughout the enterprise.
Desired Skill Set:
- 5 years of experience in Information Security
- 3 years of expertise in Cyber Risk Assessment
- 3 years of proven experience in 3rd Party Risk Assessments
- Exposure to Internal Security Controls
- Experience working on large complex initiatives from a large-scale initiative program/company
Nice To Have:
- Information Security Certification / Accreditation
BeachHead is an equal opportunity agency and employer. We advocate for you and welcome anyone regardless of race, color, religion, national origin, sex, physical or mental disability, or age.
Privacy Policy