2 days ago

Third Party Risk Management (TPRM) Analyst (Cybersecurity)

$85,000 - $120,000
Work format: remote (USA only)
Employment type: fulltime
Grade: middle
English: b2
Country: US
Vacancy from Hirify RU Global, a list of companies with Eastern European roots

Job description


TL;DR

Third Party Risk Management (TPRM) Analyst (Cybersecurity): Identifying, assessing, and managing security risks introduced through third-party vendor relationships, with an emphasis on supply chain security and regulatory compliance. Focus on conducting security risk assessments, optimizing TPRM workflows via GRC tooling, and leveraging AI technologies to enhance decision-making.

Location: Remote (USA)

Salary: $85,000 - $120,000 per year

Company

A global leader in cybersecurity providing an AI-native platform to stop breaches across all industries.

What you will do

  • Manage and mature the TPRM program, including policies, standards, procedures, and assessment methodologies.
  • Conduct security risk assessments of third-party vendors across domains like data security, access management, and incident response.
  • Tier and prioritize vendors based on risk factors such as data sensitivity and operational dependency.
  • Manage risk findings and remediation plans, collaborating with vendors and internal stakeholders to resolve issues.
  • Develop TPRM dashboards and reporting to provide visibility into vendor risk posture and program health.
  • Identify and implement opportunities to automate TPRM workflows leveraging GRC tooling and AI technologies.

Requirements

  • Bachelor's degree in Computer Science, Information Security, Business, or related field, or up to 5 years of experience.
  • Technical focus on third party risk management, vendor risk, or supply chain security.
  • Experience with GRC/TPRM platforms such as ServiceNow, OneTrust, or ProcessUnity.
  • Familiarity with SOC 1/SOC 2, ISO 27001/27002, NIST 800-53, CSA-CCM, GDPR, and PCI-DSS.
  • Experience reviewing vendor security documentation, including SOC reports and penetration tests.
  • Must be based in the USA (indicated by salary range and E-Verify participation).

Nice to have

  • CISSP, CISM, CRISC, or CTPRP certifications.
  • Experience with continuous monitoring solutions like BitSight or SecurityScorecard.
  • Practical experience in software development or secure coding practices (e.g., SBOM).
  • Familiarity with CrowdStrike products and services.

Culture & Benefits

  • Market leader in compensation and equity awards.
  • Comprehensive physical and mental wellness programs.
  • Competitive vacation and holidays for recharge.
  • Paid parental and adoption leaves.
  • Professional development opportunities for all employees regardless of level.
  • Vibrant office culture with world-class amenities for those visiting physical locations.

Be careful: if an employer asks you to log into their system using iCloud/Google, send a code or password, or run code or software, do not do it: these are scammers. Be sure to click "Report" or write to support.