Senior Analyst, Third-Party Security

Job description

The Senior Analyst, Third-Party Security will play a key role in supporting the Third-Party Security Team in both the development and execution of the firm’s Third-party Security Program. This includes identifying, assessing, monitoring, and mitigating risks associated with vendors, suppliers, and service providers across the globe as well as supporting strategic program initiatives. The ideal candidate is an experienced information security or IT risk management professional with a background in third-party assessment execution, IT Risk management or IT Audit. The candidate should possess strong analytical skills, attention to detail, and the ability to collaborate cross-functionally with legal, Vendor Management Office, and IT security teams. Strong communication and interpersonal skills are required to effectively engage with third parties and program stakeholders. Essential Job Duties & Responsibilities: Conduct information security due diligence including secure by design reviews, during vendor onboarding, at renewal, and periodic review cycles. Apply a risk-based approach to third party security assessments, including documenting compensating controls and risks acceptances wh...