Description
The Cyber and 3rd Party Risk Manager will be responsible for identifying, assessing, and mitigating cyber risks associated with third-party vendors, ensuring compliance with security policies and regulations.
Responsibilities
- Identify, assess, and manage cyber risks associated with third-party vendors.
- Develop and implement risk assessment methodologies and frameworks.
- Conduct regular audits of third-party vendors to ensure compliance with security policies.
- Collaborate with cross-functional teams to mitigate identified risks and improve security posture.
- Monitor and report on the effectiveness of risk management strategies.
- Stay updated on industry trends, regulatory requirements, and emerging threats in cybersecurity.
- Provide training and awareness programs related to third-party risk management.
Skills and Qualifications
- 6-9 years of experience in cybersecurity or risk management.
- Strong understanding of risk assessment methodologies and frameworks.
- Experience in vendor risk management and third-party assessments.
- Knowledge of cybersecurity best practices, frameworks (e.g., NIST, ISO 27001), and regulatory requirements.
- Proficiency in risk management tools and software.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills to collaborate with various stakeholders.
- Certifications such as CISSP, CISM, or CRISC are preferred.
