Security Risk Analyst / Third Party Risk Management in Austin, TX at Techworkers

Date Posted: 12/8/2018

Job Description

Description: The Security Risk Analyst is responsible for supporting the activities related to the Third-Party Risk Management program and for implementing and executing VRM (Vendor Risk Management). The goal is to ensure that business owners understand and engage the SRM process, and monitor their respective suppliers' strategic fit, risk management controls, data security, potential changes, compliance with regulatory requirements, and alignment of priorities.
 
The analyst must identify and communicate to the business the risks associated with supplier-provided processes and services in support of operations, for suppliers ranging from low-risk to critical.
 
 Job Responsibilities:
 

  • Support the Third Party Risk Management (TPRM) Program to effectively manage supplier risk in accordance with internal policy and regulatory requirements
  • Ensure strong oversight of all supplier risks and provide visibility of existing and emerging risks.
  • Perform initial and periodic risk assessments, and other necessary reviews, to identify, measure and manage third party risks.
  • Effectively utilize available evidence to perform risk assessments.
  • Identify, categorize and evaluate potential or current service providers as 'critical' or 'non-critical', using a 'Risk-Based Standard'.
  • Based upon risk classification, complete analysis of risk factors for suppliers (including any subcontractors with access to data) and ensure the respective business owners are monitoring, reviewing, and mitigating risk associated with service providers using risk factors identified in pertinent standards; for example: Regulatory Compliance, Legal, Financial Stability, Reputation, Operational, Business Continuity/Disaster Recovery, and Information Security.
  • Provide dedicated support, integrated with the Procurement system, to the onboarding and oversight of all new and existing third-party supplier relationships.
  • Act as a subject matter expert to assist the business in identifying and mitigating risks in their supplier relationships.

Job Requirements


Required Skills:

  • Minimum 4-year degree in an Information Technology discipline
  • 3+ years of experience in third-party security assessment/management
  • Some experience with information security
  • Third-party service provider relationship management
  • Knowledge of Cloud Service Providers
  • Demonstrated experience with controls-based information security frameworks (e.g., ISO 27001, NIST CSF, etc.)
  • Proven Project Management experience
  • Analytical and conceptual thinking - using logic and reason, creative and strategic
  • Attention to detail, consistency, dependability.
  • Communication skills - interpersonal, presentation, verbal clarity, and written.
  • Influencing and negotiation skills