About the Role
The role involves identifying, analyzing, and mitigating cybersecurity risks introduced by third-party vendors and partners. Responsibilities include conducting risk assessments, ensuring compliance with security policies, and working cross-functionally to enforce controls.
Responsibilities
- Evaluate security postures of external vendors and service providers
- Perform risk assessments on third-party technologies and platforms
- Review and interpret security documentation such as SOC 2 reports and penetration test results
- Collaborate with procurement and legal teams during vendor onboarding
- Monitor ongoing compliance of third parties with security standards
- Identify potential vulnerabilities stemming from vendor relationships
- Develop and maintain risk classification frameworks
- Support incident response related to third-party breaches or exposures
- Maintain documentation of risk decisions and remediation efforts
- Advocate for security improvements in vendor contracts and SLAs
- Track key risk indicators and report findings to stakeholders
- Stay current with evolving third-party threat landscapes
- Contribute to automation of risk assessment workflows
- Participate in audits involving third-party risk controls
- Ensure alignment with regulatory and compliance requirements
- Facilitate risk tiering based on data sensitivity and access levels
- Escalate critical risks to leadership when necessary
- Coordinate with internal security teams on vendor-related threats
- Assist in developing security questionnaires and due diligence tools
- Promote consistent risk evaluation practices across departments
Compensation
Competitive salary and benefits package
Work Arrangement
Hybrid work model with partial remote flexibility
Team
Part of the global cybersecurity team focused on protecting organizational assets through proactive risk mitigation
Why Join Us
This role offers the chance to work at the forefront of cybersecurity in a high-impact environment. You will help safeguard critical infrastructure by ensuring third-party partners meet rigorous security standards. The team values innovation, collaboration, and continuous learning.
Environmental Job Requirements
Occasional travel to internal sites or partner locations may be required. Work is primarily conducted in an office or remote setting using standard computing equipment.
Available for qualified candidates
