Information Security Third Party Risk Management Analyst @ First Quality | Jobright.ai
Information Security Third Party Risk Management Analyst jobs in Pennsylvania, United States
200+ applicants

First Quality · 3 days ago

Information Security Third Party Risk Management Analyst

Consumer · Health Care
Hiring Manager: Adam Rubenstein

Responsibilities

Directly responsible for performing security due diligence risk assessments on new and existing third parties against First Quality policies as well as leading industry practices
Identify third party risks, appropriate risk levels, and recommend remediation or mitigation strategies to the business
Present issues to the business and 3rd parties and obtain corrective action plans
Track and follow up on corrective action plans and review evidence for closure
Work with business and project teams to ensure security controls are built into IT functional specifications using leading industry practices
Review documentation associated with third party risk assessments to identify non-conformances
Establish and maintain Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Third-Party Risk Management Program and initiatives
Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure and risk
Perform maintenance and configuration changes, as necessary, in the Third-Party Risk Management platform
Update procedure documentation to incorporate process changes
Drive relevant stakeholder participation in evaluation of risk and control effectiveness
Maintain expertise on security trends through training, research, and development to mitigate potential security exposures
Liaise with key functional teams such as HR, IT, OT, Digital Strategy, Finance, Enterprise Risk, Quality, Office of General Counsel and relevant business stakeholders to perform third party security reviews on their new and existing vendors and identify risks that require remediation

Qualification

Information security, Operational technology, Third-party risk management, Security technologies, Operational technology/SCADA systems, Cloud computing, Mobile device management, Access management, Emerging technologies, Assessment reports, Standard Information Gathering (SIG), SOC 1, CAIQ, ISO 27001/2, NIST 800-53, NIST CSF, Standard of Good Practice, HIPAA HiTrust, Microsoft Office, Problem-solving, Communication, Leadership, Flexibility, Adaptability, SCADA/OT systems, Security Management, CompTIA Security+, CISSP, CISA

Required

5 years’ experience working directly in an Information Security, Information Technology or Operational Technology department with involvement in the Third-Party Risk Management Program
Working knowledge of security technologies and controls in the following areas: Operational Technology/SCADA systems, cloud computing, mobile device management, identity and access management, emerging technologies
Working knowledge of the following types of assessment reports: Standard Information Gathering (SIG), SOC 1 and 2 reports, CAIQ
Working knowledge of the following frameworks and regulations: ISO 27001/2, NIST 800-53, NIST CSF, Standard of Good Practice, HIPAA HiTrust
Bachelor's degree in management information systems, computer science, cyber security or equivalent
Ability to work independently and under the guidance of a direct supervisor
Ability to prioritize and multitask; a work approach that supports flexibility and adaptability is paramount
Excellent written and oral communication skills; ability to lead discussions, present ideas to audiences of all sizes, and interact with all levels of the organization
Ability to communicate security technical risks to non-technical business stakeholders
Proficiency with the Microsoft Office suite

Preferred

Experience working with any Third-Party Risk Management platform is preferred
Experience securing or assessing SCADA/OT systems and vendor solutions is a plus
Professional security management certification (CompTIA Security+, CISSP, CISA, or equivalent), or working towards certification, is preferred

Benefits

Annual discretionary bonus
Employee benefits package
Eligible for benefits starting on the first day of employment
Data privacy and security training
Equal Opportunity Employer

Company

First Quality

Manufacturing Adult Incontinence Products, Feminine Hygiene Products, Baby Wipes, Adult Washcloths, and Consumer Paper Products.