Cyber and 3rd party risk manager

Description

The Cyber and 3rd Party Risk Manager will be responsible for identifying, assessing, and mitigating cyber risks associated with third-party vendors, ensuring compliance with security policies and regulations.

Responsibilities

• Identify, assess, and manage cyber risks associated with third-party vendors.
• Develop and implement risk assessment methodologies and frameworks.
• Conduct regular audits of third-party vendors to ensure compliance with security policies.
• Collaborate with cross-functional teams to mitigate identified risks and improve security posture.
• Monitor and report on the effectiveness of risk management strategies.
• Stay updated on industry trends, regulatory requirements, and emerging threats in cybersecurity.
• Provide training and awareness programs related to third-party risk management.

Skills and Qualifications

• 6-9 years of experience in cybersecurity or risk management.
• Strong understanding of risk assessment methodologies and frameworks.
• Experience in vendor risk management and third-party assessments.
• Knowledge of cybersecurity best practices, frameworks (e.g., NIST, ISO 27001), and regulatory requirements.
• Proficiency in risk management tools and software.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills to collaborate with various stakeholders.
• Certifications such as CISSP, CISM, or CRISC are preferred.