Location: REMOTE
Description: Our client is currently seeking a CYBER SECURITY ANALYST
– SENIOR
This role can sit in either Denver, Westlake or remotely
In this role you will be a key player for 3rd Party Cyber Risk Management activities.
You will also oversee the validation of 3rd party management activities and the management and monitoring of 3rd party risks and controls.
You will facilitate consulting engagements with 3rd party management for the enhancement of processes and controls and draft materials for reporting to leadership and management committees on 3rd party risk metrics, validation testing results, and program status.
This job will have the following responsibilities: Assess the security posture of 3rd parties as a part of the onboarding process for new tools and services firm-wide with a lens on technology and security risk Support execution of 3rd party Risk Management program activities to oversee, monitor, assess, and report on third-party risk Perform validation testing activities on 3rd party management processes and controls to confirm adherence with policies, procedures, regulatory requirements/guidance, and industry best practices Effectively communicate with management and senior leadership and provide reporting on validation testing activities including identified exceptions and remediation action plans in a clear and concise manner Perform oversight of 3rd party risks and controls documented in Risk and Control Self Assessments through execution of periodic assessments and quality assurance reviews Communicate and escalate 3rd party risk and control issues identified in the activities associated to the RCSA 3rd Party Management Oversight Program Develop periodic reporting on 3rd Party management risk-based metrics and effectiveness of third-party management practices and controls Provide consultative support and collaborate with business partners and 3rd party management stakeholders to identify enhancement opportunities to strengthen 3rd party management processes and controls Coordinate with the risk management oversight groups on the development of quarterly reporting of 3rd party risk metrics to management committees Develop quarterly reporting to management outlining validation testing results and program status Participate in 3rd party risk oversight meetings with business partners and third-party management stakeholders Assist with gathering data and providing information during Internal Audit Reviews and Regulatory Examinations for Operational Risk Management and 3rd Party Risk Management
– Execute ad-hoc projects as needed Develop and maintain a good working relationship with colleagues in other risk and control functions, including Corporate Vendor Management, Information Security Risk Management, Bank Outsourcing and Oversight Management and other Corporate Risk Management teams
Qualifications & Requirements: 5+ years experience in 3rd party management, audit, oversight, SOX testing, operational risk management, or similar role 4 year degree preferred, especially with a technology or security specialization.
Independent judgment with strong analytical and risk assessment skills Knowledge of 3rd party management, internal controls, financial/banking regulations and risk assessment and mitigation One or more of the following certifications preferred: CISM, CISSP, CRISC, CISA, PMP Project management skills with ability to work independently and with a team, prioritize and manage multiple projects and succeed in a fast-paced, heavy workload environment Strong written and verbal communication skills with a proven track record of building effective working relationships with internal and external business partners and senior leaders
Contact: driles@judge.com
This job and many more are available through The Judge Group.
Find us on the web at www.judge.com