Booz Allen Hamilton

Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME

Join Booz Allen Hamilton in McLean, VA as an Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME. Leverage ServiceNow for risk assessment and supplier compliance. 5+ years in cybersecurity required. Benefits include health, tuition assistance, and recognition awards.

ServiceNow Role Type:
ServiceNow Modules:
Department - JobBoardly X Webflow Template
Governance, Risk, and Compliance
ServiceNow Certifications (nice to have):

Job description

Date - JobBoardly X Webflow Template
Posted on:
 
May 27, 2025

The Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME role is responsible for developing and maturing a program to tier suppliers based on risk factors and evaluate their cybersecurity management practices. The role involves establishing a systematic process for verifying suppliers' compliance with contractual obligations and performance standards, as well as monitoring supplier performance and driving continuous improvement.

Requirements

  • 5+ years of experience in cybersecurity, cyber risk, or cyber governance functions
  • 3+ years of experience operating in a role focused on Third-Party Cyber Risk
  • Experience with cybersecurity principles, best practices, and risk frameworks
  • Experience using Microsoft Office Pro Suite and SharePoint
  • Experience in risk identification, quantification, assessment, and reporting
  • Experience with GRC platforms such as Archer and ServiceNow
  • Experience leading a third-party risk program or workstream
  • Knowledge of evaluating and assessing suppliers against cybersecurity principles and regulatory compliance
  • HS diploma or GED

Benefits

  • Health, life, disability, financial, and retirement benefits
  • Paid leave, professional development, tuition assistance, work-life programs, and dependent care
  • Recognition awards program for exceptional performance and demonstration of values
  • Participation in Booz Allen’s benefit programs for full-time and part-time employees working at least 20 hours a week

Requirements Summary

5+ years of experience in cybersecurity, 3+ years of experience in Third-Party Cyber Risk, knowledge of evaluating and assessing suppliers against cybersecurity principles