Senior Analyst in Information Security & IT Vendor Risk Management ensuring security compliance across the vendor ecosystem. Handling risk assessments and coordinating cyber incident responses at QTS.
Responsibilities
Own and administer the TPRM/Vendor Risk Management (VRM) platform used for vendor onboarding, due diligence, periodic assessments, issue management, ongoing monitoring, and off-boarding
Lead security-focused risk assessments of IT and cloud vendors, analyzing controls for infrastructure, applications, privacy, and business continuity
Support third-party incidents and breach remediation by coordinating with vendors and internal stakeholders to identify & validate impact, document response, and track corrective actions
Monitor vendor performance and control effectiveness against recognized security frameworks (NIST, ISO 27001, SOC 2, HITRUST, CMMC, PCI DSS) and regulatory requirements (GDPR, HIPAA, etc.)
Create and maintain the risk register, vendor inventory and issue tracking with accurate, up-to-date information within the VRM platform
Provide executive reporting on vendor risk posture, program metrics, incident & remediation status
Partner with stakeholders to update standards, procedures, and controls, maturing the TPRM program to meet evolving cyber and regulatory requirements
Liaise with internal and external auditors to manage IT security and compliance reviews tied to vendor controls
Deliver training and awareness to stakeholders to strengthen risk management culture across business functions
Stay updated on the latest security trends and threat intelligence
Requirements
Bachelor’s degree required
Minimum of 5 years of experience in IT security risk management, third-party/vendor risk management, or related fields
Previous vendor management experience required
Understanding of security risks across IT operations, including application development, cloud infrastructure, and disaster recovery
Proficient in applying security and compliance frameworks such as NIST, ISO 27001, SOC 2, PCI DSS, HITRUST, GDPR, CMMC, and HIPAA
Experience managing or administering vendor risk management (VRM/TPRM) or governance, risk, and compliance (GRC) platforms
Skilled in evaluating SOC 2 reports, penetration test results, security questionnaires, and vendor security documentation
Proven ability to assess risk and identify vulnerabilities through detailed risk reviews
Demonstrated experience supporting third-party cyber incidents and breach response efforts
Benefits
Employer Paid Benefits
401K with Employer Match
QRest Sabbatical
Employee Stock Purchase
QTS scholarship for dependents
Eagle Club award trip eligibility
Paid volunteer days
Tuition assistance
Parental leave and military leave assistance
Total Rewards medical, dental, vision, life, and disability insurance
401(k) retirement plan
Flexible spending and HSA accounts
Paid holidays
Paid time off
Employee assistance program
Wellness program
Other company benefits
Bonus eligible
Job title
Senior Analyst, Information Security – IT Vendor Risk Management