Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME

Enterprise Cybersecurity Supplier and Third Party Cyber Risk SME is seeking a detail-oriented and proactive Supplier or Third-Party Cyber Risk Analyst to join our ECS Governance, Risk, and Compliance (GRC) team. In this role, you will be responsible for protecting the organization's information systems and data from cyber threats posed by suppliers and third-party vendors.

Requirements

• 5+ years of experience in cybersecurity, cyber risk, or cyber governance functions
• 3+ years of experience operating in a role focused on Third-Party Cyber Risk
• Experience with cybersecurity principles, best practices, and risk frameworks such as NIST 800 series publications, Risk Management Framework (RMF), Standard Information Gathering (SIG), Health Insurance Portability and Accountability Act (HIPAA), United Kingdom Cyber Essentials, or Factor Analysis of Information Risk (FAIR)
• Experience using Microsoft Office Pro Suite and SharePoint
• Experience in risk identification, quantification, assessment, and reporting
• Experience with GRC platforms such as Archer and ServiceNow
• Experience leading a third-party risk program or workstream
• Knowledge of evaluating and assessing suppliers against cybersecurity principles and regulatory compliance for managing a robust program around supplier or third-party risk management
• HS diploma or GED

Benefits

• health, life, disability, financial, and retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care
• recognition awards program