External Footprint Security Analyst safeguarding public - facing digital assets with expert cybersecurity skills at HID Global. Design and implement proactive strategies for identifying and mitigating vulnerabilities across multiple locations.
TI
Hybrid Cybersecurity Analyst, Third-Party Risk & Technology Governance
Posted 4 months ago
About the role
- Cybersecurity Analyst at Trimble managing third-party cybersecurity risks and optimizing risk management processes with a focus on automation and AI security. Collaborating on assessments related to vendors and technologies.
Responsibilities
- Lead comprehensive cybersecurity risk assessments for new and existing vendors, partners, and suppliers.
- Analyze and validate vendor security documentation, including SOC 2, ISO 27001 certifications, and security questionnaires (SIG/CAIQ).
- Evaluate vendor control environments, specializing in cloud infrastructure (AWS, Azure, GCP), application security (OWASP Top 10), and data protection.
- Clearly articulate and document technical risks for both technical teams and senior business stakeholders.
- Collaborate with Legal and Procurement to develop, track, and enforce vendor risk remediation plans.
- Drive efficiency and consistency by analyzing and optimizing the end-to-end Third-Party Risk Management (TPRM) lifecycle.
- Design and implement automated workflows within our Governance, Risk, and Compliance (GRC) platform.
- Define, track, and report Key Performance Indicators (KPIs) and metrics to measure TPRM program health and effectiveness.
- Maintain core program documentation, including Standard Operating Procedures (SOPs) and assessment methodologies.
- Conduct specialized AI vendor security evaluations covering critical domains such as model integrity, data privacy, and adversarial attack resistance.
- Provide guidance on the secure and responsible adoption of third-party AI technologies to internal teams.
- Stay current with evolving AI regulatory frameworks (e.g., NIST AI RMF, EU AI Act) and emerging security threats.
- Leverage AI solutions to automate dynamic risk management and continuous testing of vendor controls.
Requirements
- 3 years of experience in an information security, IT audit, or technology risk management role.
- At least 2 years of direct, hands-on experience in Third-Party Risk Management (TPRM).
- Proven ability to analyze and streamline complex processes, with a track record of implementing successful improvements.
- Strong technical knowledge of core cybersecurity domains, including cloud security, network security, identity and access management (IAM), and encryption.
- Demonstrated experience interpreting security reports and assessing the effectiveness of technical controls.
- A strong interest in and foundational understanding of AI/ML technologies and their unique security challenges.
- Excellent analytical skills, with the ability to think critically and solve problems independently.
- Strong written and verbal communication skills, capable of engaging with a wide range of audiences.
- Hands-on experience with TPRM platforms.
Benefits
- Health insurance
- Professional development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Sr. Information Security Analyst managing information security strategy and execution at Otter Products in Fort Collins, CO. Leading initiatives for enterprise security programs and incident response.
Technical reference in Application & API Security for Vivo Vita. Managing Akamai platform and incident response in a collaborative work environment.
Entry level Information Security Analyst working on assignments to monitor systems for unusual activity. Contributing to technology supporting the mission of the Church.
Security Analyst supporting delivery of managed security services for higher education clients at Asiera. Responsibilities include incident management, threat hunting, and collaboration with multiple teams.
Senior Cybersecurity Analyst designing and improving information security processes at Localiza&Co. Collaborating with various teams to ensure governance and data safety.
Associate Cybersecurity Analyst executing the Cybersecurity Program at GM Financial, managing risks and ensuring security for company assets.
Level 1 Cyber Security Analyst analyzing and escalating cyber - security alerts in log aggregation tools. Engaging in incident follow - up and basic automation in a supportive team environment.
Analista de Segurança, Saúde e Meio Ambiente na ANDRITZ gerenciando indicadores e programas de HSE. Engajando - se em auditorias e treinamentos para garantir a conformidade e segurança.
Cybersecurity Analyst with Incident Responder experience for SOC Team at NTT DATA Romania. Monitor and respond to security alerts while collaborating with clients.