TIAA · 1 day ago
Lead Third-Party Cyber Risk Analyst
Chicago, IL
Full-time
Onsite
Senior Level, Lead/Staff
$104K/yr - $167K/yr
5+ years exp
Maximize your interview chancesFinanceFinancial Services
Insider Connection @TIAA
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Exhibits a deep understanding of Third-Party Cyber Risk Management practices and provides guidance to internal partners as required.
Complete Third-Party Cyber Risk assessments to identify risks and validate implemented security controls to mitigate those risks.
Develop and maintain effective relationships with both internal/external stakeholders.
Collaborate with internal teams and third-party resources to communicate gaps identified through the assessment and provides recommendations to close the gaps.
Document and create issues in the Issue Management system and collaborate with external partners to drive remediation of the risks.
Demonstrate effective communication skills to collaborate with representatives of the Lines- of-Business, technology areas, risk partners, and vendors in performing their role.
Demonstrates ability to identify issues, develop plans to resolve, and understands how to escalate when needed.
Collaborate with technology and risk partners to create remediation action plans to mitigate cybersecurity risks and govern action plans through until completion.
Apply critical thinking to situations where incomplete / imperfect information is available.
Facilitate implementation of the Cyber organization’s global strategies and initiatives to enhance Information Technology plans, operations, and procedures.
Collaborate across extended teams to identify optimization opportunities and drive efficiencies within the vendor engagement and vendor due diligence processes.
Maintain and enhance documented policies and procedures.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Minimum of 5+ years’ experience working in a similar Third-Party Cyber Risk Management role. Possess direct experience with risk assessment methodologies, risk mitigation strategies, and risk reporting.
Minimum of 5+ years’ experience interfacing and communicating (both verbal and written) with both technical and non-technical stakeholders on articulating risks, mitigation plans, and compliance requirements.
Possess the ability to break down strategic problems, analyze data, develop a remediation approach, communicate recommendations, and drive work effort to successful completion.
Knowledge of the NIST Risk Management Framework (RMF) and security controls. Must understand the risk management process, risk mitigation, and risk tracking.
Preferred
Minimum of 7+ years of experience working in a similar role.
Knowledge of new/emerging practices within cybersecurity and controls.
Possess technical background and knowledge to help identify tools and technologies that can support our Third-Party Risk Management program.
Experience collaborating with Agile teams leveraging industry standard tools and processes.
Possess Cyber Security certifications.
Benefits
Superior retirement program
Highly competitive health, wellness and work life offerings
Company
TIAA
TIAA is a financial services company that specializes in providing retirement plans, IRAs, mutual funds, and life insurance.
10001+ employees
H1B Sponsorship
TIAA has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2020 (10)
Funding
Current Stage
Late StageLeadership Team
Roger Ferguson
Former President and CEO
Thasunda Duckett
President & CEO
Recent News
2024-11-13
2024-11-06
MarketScreener
2024-05-24
Company data provided by crunchbase
