Perform cyber security due diligence of new suppliers and ongoing due diligence for existing supplier relationships.
Hold and drive internal and external discussions with business partners regarding third-party cyber security requirements.
Communicate results and findings of third-party assessments in a clear and professional manner with all levels of the organization, in addition to external business partners.
Evaluate third-party threats, vulnerabilities, and control weaknesses to determine applicability and significance, and recommend mitigation.
Work with the cyber team lead to understand the control requirements to enforce and to determine the cyber security risks of third parties.
Monitor for third-party cyber incidents and manage responses and mitigations when they occur.
Requirements
Ability to read, understand, and perform due diligence of vendors by analyzing and reviewing the cyber security controls and documentation they provide, such as SOC 2 reports, written information security programs, industry certifications, and network penetration testing results.
Experience with vulnerability management and incident management.
Demonstrated experience as a trusted advisor and partner.
Excellent analytical and problem-solving skills, including ability to create and adapt to unconventional controls.
Broad understanding of cyber security practices for third-party risks, including software, cloud, and SaaS.
Experience with the review of cyber security contractual agreements and amendments, applying risk-driven techniques.
Familiarity with managing your workload using a Jira Kanban board.
Software security lifecycle and vulnerability management experience including familiarity with threat modeling, static code analysis, dynamic scanning, and penetration testing.
Strong communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise business terms.
Strong project management skills with the ability to manage multiple priorities.
Proficiency working with industry-known GRC tools.