200+ applicants

Company

Original Job Post

Nordic Global · 2 days ago

Third Party Risk Management Lead

United States

Full-time

Hybrid

Senior Level

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Information ServicesInformation Technology

H1B Sponsorship

Insider Connection @Nordic Global

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Coordinates the identification and ranking of third-party cybersecurity risks and risk impacts

Builds communication and escalation plans around third-party cybersecurity risk management activities within the enterprise

Understands and applies relevant regulatory and legal compliance requirements

Manages third-party cybersecurity risks as defined in third-party contracts and in accordance with existing risk management programs and policies

Develops, monitors, and possibly executes third-party remediation actions, mitigation, and contingency plans when cybersecurity risks or events are identified

Ensures all external party regulatory compliance

Designs and implements data loss prevention strategies

Monitors data transfer; implements security measures and conducts risk assessments to identify vulnerabilities

Coordinates the gathering of third-party cybersecurity risk assessment data and prepares cybersecurity risk assessments for critical-related third-parties as needed, to be published and communicated to stakeholders

Tracks identified cybersecurity risks and risk events

Influences third-parties and business partners to ensure compliance with cybersecurity risk management policies

Collaborates, as appropriate, with cybersecurity, finance, compliance, and/or disaster recovery, business continuity management, and other risk functions to maintain an enterprise risk management program

Works with regulatory officers and auditors as necessary

Maintains documentation for internal and external audits

Communicates identified cybersecurity risk requirements and violations to internal stakeholders, end users within the business, and responsible third-parties while supporting the response to and the addressing of these issues

Develops and coordinates third-party cybersecurity risk management frameworks, policies, and processes within a broader enterprise, operational, and IT risk management model

Facilitates security onboarding process for new vendors

Develops and provides training/guidance to stakeholders across the organization to promote a strong risk-aware culture

Implements and maintains the monitoring system for third-party cybersecurity risk management

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Third Party Risk AssessmentsCybersecurity Risk ManagementBusiness Impact AnalysisCloud Platforms AWSCloud Platforms AzureCloud Platforms GCPScripting Languages PythonScripting Languages PowerShellSecurity PrinciplesProblem-SolvingAttention to DetailCommunicationCollaborationIT SecurityCyber SecurityCloud SecurityInformation SystemsRisk ManagementMicrosoft PurviewExchange Online Transport Rules

Required

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (preferred)

5+ years of experience in Third Party Risk Assessments

5+ years of experience in integrating cybersecurity risk management with overall business strategy, ensuring alignment with organization objectives

Strong background in conducting Business Impact Analysis (BIA) to evaluate the potential impact of cybersecurity risk on critical business processes and functions

Proven experience securing on one or more major cloud platforms (e.g., AWS, Azure, GCP)

Working knowledge of scripting languages (e.g., Python, PowerShell) for automating tasks

Strong understanding of security principles and best practices (e.g., zero trust, least privilege)

Excellent analytical and problem-solving skills

Meticulous attention to detail and accuracy

Effective communication and interpersonal skills

Ability to work independently and collaboratively within a team environment

Preferred

Broad knowledge of all IT related technologies with subject matter expertise in IT Security related technology and business exposures impacting organizational vitality preferred

Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration

Information systems auditing, monitoring, controlling, and assessment process

Risk assessment and management methodology

Experience in Microsoft Purview is a plus

Experience in Exchange Online Transport Rules is a plus

Position is remote

Ability to travel up to 10% of the time

Company

Nordic Global

Nordic Global is an information technology company.

Founded in 2010

Louisville, Kentucky, USA

1,001-5,000 employees

https://www.nordicglobal.com

H1B Sponsorship

Nordic Global has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2022 (3)