Nordic Global ยท 2 days ago
Third Party Risk Management Lead
Wonder how qualified you are to the job?
Information ServicesInformation Technology
Insider Connection @Nordic Global
Responsibilities
Coordinates the identification and ranking of third-party cybersecurity risks and risk impacts
Builds communication and escalation plans around third-party cybersecurity risk management activities within the enterprise
Understands and applies relevant regulatory and legal compliance requirements
Manages third-party cybersecurity risks as defined in third-party contracts and in accordance with existing risk management programs and policies
Develops, monitors, and possibly executes third-party remediation actions, mitigation, and contingency plans when cybersecurity risks or events are identified
Ensures all external party regulatory compliance
Designs and implements data loss prevention strategies
Monitors data transfer; implements security measures and conducts risk assessments to identify vulnerabilities
Coordinates the gathering of third-party cybersecurity risk assessment data and prepares cybersecurity risk assessments for critical-related third-parties as needed, to be published and communicated to stakeholders
Tracks identified cybersecurity risks and risk events
Influences third-parties and business partners to ensure compliance with cybersecurity risk management policies
Collaborates, as appropriate, with cybersecurity, finance, compliance, and/or disaster recovery, business continuity management, and other risk functions to maintain an enterprise risk management program
Works with regulatory officers and auditors as necessary
Maintains documentation for internal and external audits
Communicates identified cybersecurity risk requirements and violations to internal stakeholders, end users within the business, and responsible third-parties while supporting the response to and the addressing of these issues
Develops and coordinates third-party cybersecurity risk management frameworks, policies, and processes within a broader enterprise, operational, and IT risk management model
Facilitates security onboarding process for new vendors
Develops and provides training/guidance to stakeholders across the organization to promote a strong risk-aware culture
Implements and maintains the monitoring system for third-party cybersecurity risk management
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (preferred)
5+ years of experience in Third Party Risk Assessments
5+ years of experience in integrating cybersecurity risk management with overall business strategy, ensuring alignment with organization objectives
Strong background in conducting Business Impact Analysis (BIA) to evaluate the potential impact of cybersecurity risk on critical business processes and functions
Proven experience securing on one or more major cloud platforms (e.g., AWS, Azure, GCP)
Working knowledge of scripting languages (e.g., Python, PowerShell) for automating tasks
Strong understanding of security principles and best practices (e.g., zero trust, least privilege)
Excellent analytical and problem-solving skills
Meticulous attention to detail and accuracy
Effective communication and interpersonal skills
Ability to work independently and collaboratively within a team environment
Preferred
Broad knowledge of all IT related technologies with subject matter expertise in IT Security related technology and business exposures impacting organizational vitality preferred
Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration
Information systems auditing, monitoring, controlling, and assessment process
Risk assessment and management methodology
Experience in Microsoft Purview is a plus
Experience in Exchange Online Transport Rules is a plus
Position is remote
Ability to travel up to 10% of the time
Company
Nordic Global
Nordic Global is an information technology company.
H1B Sponsorship
Nordic Global has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2022 (3)
Funding
Current Stage
Late StageRecent News
Globe Newswire
2024-05-13
Morningstar, Inc.
2024-04-19
2024-04-15
Company data provided by crunchbase