In - business Risk Lead Analyst overseeing enterprise - level risk assessment and mitigation strategies. Collaborating across teams to manage risks, ensuring compliance, and maintaining governance standards.
About the role
- Third Party Risk Consultant overseeing cyber security due diligence for new and existing suppliers. Collaborating with teams to communicate findings and manage third-party risks.
Responsibilities
- Perform cyber security due diligence of new suppliers and performance of on-going due diligence for existing supplier relationships.
- Hold and drive internal and external discussions with business partners regarding third-party cyber security requirements.
- Communicate results and findings of third-party assessments in a clear and professional manner with all levels of the organization, in addition to external business partners.
- Evaluate third-party threats, vulnerabilities, and control weaknesses to determine applicability and significance, and recommend mitigation.
- Work with cyber team lead to understand control requirements to enforce and determine cyber security risks of third parties.
- Monitor for third-party cyber incidents and manage responses and mitigations when they occur.
Requirements
- Ability to read, understand, and perform due diligence of vendors by analyzing and reviewing cyber security controls and documentation provided, such as SOC 2’s, written information security programs, industry certifications, and network penetration testing results.
- Experience with vulnerability management, incident management
- Demonstrated experience as a trusted advisor and partner.
- Excellent analytical and problem-solving skills, including ability to create and adapt to unconventional controls.
- Broad understanding of cyber security practices for third party risks including software, cloud, SaaS.
- Experience with the review of cyber security contractual agreements and amendments, applying risk-driven techniques.
- Familiarity with managing your workload using a Jira Kanban board.
- Software security lifecycle and vulnerability management experience including familiarity with threat modeling, static code analysis, dynamic scanning, and penetration testing.
- Strong communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise business terms.
- Strong project management skills with the ability to manage multiple priorities.
- Working with and executing proficiently in industry known GRC tools.
Benefits
- Health insurance
- Paid time off
- Flexible working arrangements
- Professional development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Analyst role in fintech firm focused on tracking performance and collaborating on data analysis. Engaging with finance and product teams to enhance decision - making.
Conduct fire risk assessments across various property types for compliance with fire safety regulations. Identify hazards and provide recommendations to improve safety measures.
Head of Operational Risk leading operational risk framework development and implementation for commodity trading. Managing an international team and ensuring effective risk controls.
Market Risk Analyst handling P&L reporting and analysis for hedging activities in oil or energy trading. Collaborating with traders and controllers for timely and accurate data flow.
Senior Data Governance Analyst working on Rumo's advanced analytics project. Ensuring compliance and quality in data governance and analytics for railway operations.
Transaction Manager responsible for corporate governance of client portfolios in Global Capital Markets. Overseeing transactions, compliance, and client interactions in Ireland, part of a wider team.
Manager, IT Risk Operations at Wilson Sonsini leading IT risk and compliance functions. Collaborating with senior leaders to shape risk management and operational effectiveness.
RFP Team Leader overseeing Risk, Fraud, Payments operations for iGaming brands. Leading a team to prevent fraud, ensure compliance, and improve operational performance.
Senior Risk Specialist focusing on Anti - Money Laundering and Responsible Gaming within iGaming. Conducting risk assessments and ensuring compliance with internal standards and regulations.