Booz Allen Hamilton

Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME

Join Booz Allen Hamilton in McLean, VA as an Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME. Leverage ServiceNow for risk management, ensuring supplier compliance and governance. 5+ years in cybersecurity required. Benefits include health, tuition assistance, and recognition awards.

ServiceNow Role Type:
ServiceNow Modules:
Department - JobBoardly X Webflow Template
Governance, Risk, and Compliance
Department - JobBoardly X Webflow Template
Third-Party Risk Management
ServiceNow Certifications (nice to have):
Department - JobBoardly X Webflow Template
Certified Implementation Specialist - Third-Party Risk Management

Job description

Date - JobBoardly X Webflow Template
Posted on:
 
May 27, 2025

Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME. Develop and mature a program that accurately tiers suppliers based on various risk factors and a supplier-based threat model. Evaluate the overall cybersecurity management practices of suppliers by examining the governance structures and cybersecurity policies or frameworks.

Requirements

  • 5+ years of experience in cybersecurity, cyber risk, or cyber governance functions
  • 3+ years of experience operating in a role focused on Third-Party Cyber Risk
  • Experience with cybersecurity principles, best practices, and risk frameworks such as NIST 800 series publications, Risk Management Framework (RMF), Standard Information Gathering (SIG), Health Insurance Portability and Accountability Act (HIPAA), United Kingdom Cyber Essentials, or Factor Analysis of Information Risk (FAIR)
  • Experience using Microsoft Office Pro Suite and SharePoint
  • Experience in risk identification, quantification, assessment, and reporting
  • Experience with GRC platforms such as Archer and ServiceNow
  • Experience leading a third-party risk program or workstream
  • Knowledge of evaluating and assessing suppliers against cybersecurity principles and regulatory compliance for managing a robust program around supplier or third-party risk management
  • HS diploma or GED

Benefits

  • Health, life, disability, financial, and retirement benefits
  • Paid leave, professional development, tuition assistance, work-life programs, and dependent care
  • Recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values

Requirements Summary

5+ years of experience in cybersecurity, cyber risk, or cyber governance functions; 3+ years of experience operating in a role focused on Third-Party Cyber Risk; experience with cybersecurity principles, best practices, and risk frameworks