Conexess Group · 4 hours ago
Cyber Security Principal (Third Party Risk Management) Remote
New York, NY
Full-time
Remote
Senior Level
7+ years exp
Maximize your interview chancesConsultingInformation Services
Insider Connection @Conexess Group
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Plans, designs and/or recommends security solutions and capabilities that enable the organization to identify, protect, respond and recover from cyber threats and vulnerabilities in an off-shore/outsourcing environment.
Drive and lead security and risk prevention solutions and programs for the Third Party Cyber Risk Management Program in partnership with key technology stakeholders from the broader cyber and technology organization.
Assess complex IT environments and mapping the data flow through systems/applications and organization functions
Identify and evaluate complex business and technology risks, internal control risk management, IT controls and related standards
Define, develop and implement security solutions/requirements within outsourcing program by utilizing NITS framework, etc. (off-shore/near-shore) .
Initiate and drive risk reduction solution/requirements through operational best practices and technology improvements in partnership with the broader cyber and technology organization.
Be an advocate for key business stakeholders by uncovering security risks within internal processes, technologies, and partnerships and developing a plan to manage and remediate those risks
Lead technical implementation requirements for our TPCRM outsourcing program, ensuring they are aligned with the broader cyber organization processes and standards
Hypothesize, socialize and seek feedback on security programs with various cross-functionals partners (network, endpoint, virtualized platforms, infrastructure). Establish security controls to ensure protection of off-shore systems and delivery centers.
Consult on outsourcing MSA and SOW contract language to ensure security, reliability, and IT requirements are aligned with security standards in partnership with business, legal, sourcing, privacy and IT stakeholders.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
7+ years’ experience working in cybersecurity, with a focus on governance, risk, and compliance. Consideration will be given for equivalent combined experience in an IT, Risk Management or technology management capacity.
Working knowledge of general IT and business processes and familiarity with organizational technology landscapes.
Deep understanding of cyber risk assessment and risk management, and familiarity with cybersecurity- and privacy-related regulatory compliance requirements, industry standards and frameworks (NIST, PCI, ISO, etc.), and key technical concepts (e.g., networking, protocols, cloud technologies).
Preferred
Masters Degree Preferred
Demonstrated working knowledge of at least one of the following – SSDLC, secure architecture design, threat modelling, data privacy, AI security, cloud security.
Hands-on technology administration is not required, but sufficient familiarity to participate in technical discussions is critical.
Company
Conexess Group
Conexess Group is an information technology company providing IT staffing and project management services.
51-200 employees
H1B Sponsorship
Conexess Group has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (1)
2021 (3)
2020 (6)
Funding
Current Stage
Growth StageLeadership Team
Austin Meibers
Founder and Partner
Company data provided by crunchbase
