Senior Third-Party Security Risk Analyst

Ledger

Location:
France, Paris

Category:
IT - Administration

Contract Type:
Employment contract

Salary:

Not provided

Job Description:

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute to the Enterprise Risk Management program by assessing, mitigating, and monitoring risks throughout the vendor lifecycle. You will ensure high security standards are met to protect data and systems.

Job Responsibility:

  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with third parties, with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.

Requirements:

  • Master's degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.

What we offer:

  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.

Additional Information:

Job Posted:
May 13, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Senior Third-Party Security Risk Analyst

Third-Party Risk Analyst

As a Third-Party Risk Analyst, you will be responsible for evaluating, monitorin...
Location:
United States, Baltimore
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Bachelor's Degree in Risk, Business, Business Technology, Cybersecurity, or a related field
  • 2+ years of experience in third-party risk management, vendor management, procurement, internal audit
  • Strong understanding of third-party risk management principles, methodologies, and best practices
  • Detail-oriented and organized, with the ability to manage multiple priorities and deadlines in a fast-paced environment
  • Proficiency in using risk management tools, software, and technologies to support third-party risk assessment and monitoring activities
  • Excellent analytical, problem-solving, and critical-thinking skills, with the ability to assess complex situations and make informed risk-based decisions
  • Effective communication and interpersonal skills, with the ability to collaborate with stakeholders at all levels of the organization
Job Responsibility:
  • Conduct comprehensive risk assessments of third-party vendors and service providers
  • Review and analyze third-party contracts, agreements, and security documentation
  • Develop and implement risk mitigation strategies and action plans
  • Monitor and track third-party risk indicators
  • Collaborate with internal audit, compliance, and information security teams
  • Collaborate with procurement, legal, and business units
  • Conduct periodic reviews and audits of third-party vendors
  • Provide regular reporting and updates to senior management, the board of directors, and other stakeholders
  • Stay informed about industry trends, emerging risks, and best practices in third-party risk management
What we offer:
  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in company 401(k) plan
  • Fulltime

Program Management Analyst

The Program Management Analyst - C10 will be responsible for executing day-to-da...
Location:
India, Chennai
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Minimum 8 years of working experience in Financial services / Banking industry with strong knowledge of banking regulatory requirements
  • Preferred 3+ years of direct, relevant experience in third-party risk identification and management, operational risk management, compliance and/or audit
  • Knowledge of third-party management risk and control methodologies and best practices
  • Bachelor’s degree required
  • Master’s degree or any other equivalent is preferred
Job Responsibility:
  • Facilitate Citi businesses’ ongoing compliance with Third Party Management requirements outlined in Citi policies and standards
  • Providing process guidance and support to Third Party Officers (TPOs), Business Activity Owners (BAOs) and other business stakeholders on end-to-end Third Party Management requirements and set up periodical review meeting with all the stakeholders
  • Execute various third party risk assessment controls as identified by the Third Party Risk Assessment Process and provides guidance to TPU Process Analysts on process execution
  • Verify if all critical data fields are captured accurately while onboarding the suppliers into Master supplier database and Payment systems
  • Ensure that all suppliers are screened against the Negative/SDN list on a periodic basis and any positive matches are escalated to senior management
  • Verify if third parties’ policies and procedures are compliant to Citi’s policies and procedures. Identify and report gaps if any, to senior management
  • Partner with Sourcing and Business and provide approval to sign the contract once all Due diligence activities are completed and gaps if any are remediated
  • Undertake onsite Reviews and Video conferencing sessions with Third Parties to perform Risk Management activities
  • Review the contractual terms and conditions agreed between Citi and third party and perform controls checks to ensure that all contractual obligations are met by the third party
  • Perform Quality Check on the control assessments performed by TPU Risk Analyst I&II and provide guidance to the Analysts on performing assessments in line with policies and procedure
  • Fulltime

Program Management Analyst

The Third Party Management Program Execution provides operational support, proce...
Location:
India, Chennai
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Minimum 8+ years of working experience in financial services / Banking industry
  • Preferred 3+ years of direct, relevant experience in third-party risk management or operational risk management or Audit related work
  • Knowledge of third-party management risk and control methodologies and best practices
  • Team management skills preferred
  • Supply chain management experience preferred
  • Bachelor’s degree required
  • Master’s Degree preferred
  • Professional Qualifications including CA/ICWA/ACS etc
Job Responsibility:
  • Looks for ways to improve the current process and share best practices with management team
  • Participates in team meetings to analyze documentation and processes to ensure risks and control points are properly addressed
  • Assists management group in gathering data and information for supervisors reporting and to take ownership of specified projects and tasks
  • Demonstrate Strong knowledge about Third Party Lifecycle Management, Regulatory guidelines Contract Terms & conditions, Information Security, Regulations (OCC, GDPR, Data Privacy Laws, and Country specific Local Laws etc)
  • Providing process guidance and support to Third Party Officers (TPOs), Business Activity Owners (BAOs) and other business stakeholders on end-to-end Third-Party Management requirements and set up periodical review meeting with all the stakeholders
  • Facilitating and coordinating with various Policy Owners in areas such as Data Privacy, Export Licensing, Information Security and Continuity of Business (CoB)
  • Provide guidance to junior TPU analysts on the process execution
  • Act as Level 2 Reviewer in the team and guide the team members as needed
  • Verify if third parties’ policies and procedures are compliant to Citi’s policies and procedures
  • Identify and report gaps if any, to senior management
  • Fulltime

Compliance Analyst

insightsoftware is seeking a detail-oriented and proactive Compliance Analyst to...
Location:
United States, Remote
Salary:
Not provided
insightsoftware
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in information security, Cybersecurity, Computer Science, Risk Management, Legal Studies, Business Administration, or related field
  • Minimum 3+ years of experience in compliance program management, risk management, or information security roles, preferably in regulated industries or technology companies
  • Demonstrated experience responding to third-party risk assessments, security audits, customer security questionnaires, RFPs, and compliance due diligence requests
  • Working knowledge of regulatory frameworks and standards (e.g., ISO 27001, SOC 2 (Type II), NIST, FedRAMP, CMMC, PCI DSS, GDPR, CCPA), trade control regulations (EAR, ITAR), anti-bribery/corruption laws (FCPA, UK Bribery Act), and data privacy principles
  • A strong knowledge of at least one regulatory framework governing matters pertaining to data privacy, cybersecurity, trade compliance, or third-party risk management
  • Experience with third-party screening tools and vendor risk management platforms
  • Familiarity with GRC or data protection management platforms (e.g., OneTrust, ServiceNow, MetricStream)
Job Responsibility:
  • Support the development, implementation, and maintenance of a global compliance program, including trade compliance, anti-bribery/corruption, anti-trust, and business ethics
  • Conduct secondary screening of third parties (vendors, partners, customers), and assess potential matches against government watchlists of denied, debarred, sanctioned, or restricted parties to ensure compliance with applicable trade compliance, export control and sanctions regulations (e.g., U.S. Department of the Treasury Office of Foreign Assets Control ("OFAC"), U.S. Department of Commerce Bureau of Industry and Security ("BIS"), U.K. Office of Financial Sanctions Implementation ("OFSI"), European Union, and United Nations)
  • Assist with export classification determinations and licensing requirements for software products and services, including evaluation of Export Control Classification Numbers ("ECCNs")
  • Support the company's compliance with applicable data protection regulatory frameworks (e.g., GDPR, CCPA)
  • Support the Corporate Counsel, Data Privacy, AI, Cybersecurity with data protection initiatives and obligations including data mapping exercises, processing activity records, and privacy impact assessments, and coordinate responses to data subject access requests ("DSARs") and privacy-related inquiries
  • Support privacy management tools and platforms for consent management and privacy workflow automation
  • Partner with company counsel, InfoSec, and other stakeholders with compliance audits, data privacy questionnaires, and third-party risk assessment processes including vendor due diligence and ongoing monitoring
  • Support risk and control self-assessments ("RCSA"), audit management, and remediation tracking
  • Collaborate with stakeholders including the Chief Information Security Officer ("CISO") and the team to quantify, monitor, and report on security and compliance performance
  • Maintain GRC platforms (e.g., ServiceNow, Archer, MetricStream) to track compliance activities, risks, and controls

Program Management Analyst

The Third Party Management Program Execution provides operational support, proce...
Location:
India, Chennai
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Minimum 6+ years of working experience in financial services / Banking industry
  • Professional Qualification preferably CA fresher’s
  • Excellent Communication skills
  • Good excel skills
Job Responsibility:
  • Demonstrate Strong knowledge about Third Party Lifecycle Management, Regulatory guidelines Contract Terms & conditions, Information Security, Regulations (OCC, GDPR, Data Privacy Laws, and Country specific Local Laws etc)
  • Providing process guidance and support to Third Party Officers (TPOs), Business Activity Owners (BAOs) and other business stakeholders on end-to-end Third-Party Management requirements and set up periodical review meeting with all the stakeholders
  • Facilitating and coordinating with various Policy Owners in areas such as Data Privacy, Export Licensing, Information Security and Continuity of Business (CoB)
  • Act as Level 1 Reviewer in the team and understand the nuances of the Third-Party Management process in detail
  • Participates in team meetings to analyze documentation and processes to ensure risks and control points are properly addressed
  • Assists management group in gathering data and information for supervisors reporting and to take ownership of specified projects and tasks
  • Verify if third parties’ policies and procedures are compliant to Citi’s policies and procedures. Identify and report gaps if any, to senior management
  • Identify opportunities for better control and productivity enhancement through various process reengineering initiatives and automation projects including but not limited to Robotic Process Automations
  • Analyzing the data and forecast trends with respect to inherent risk associated with third parties and build controls to mitigate such risks
  • Work with Operations standards team to identify the process gaps and take measures in mitigating the same
  • Fulltime

Security Intelligence Analyst

Figure is seeking a specialized and proactive Security Intelligence Analyst to j...
Location:
United States, San Jose
Salary:
105000.00 - 145000.00 USD / Year
Figure
Expiration Date:
Until further notice
Requirements:
  • 4+ years of equivalent experience
  • Demonstrated experience in intelligence analysis, preferably within protective intelligence, executive protection, or related corporate security environments
  • Strong analytical, problem-solving, and organizational skills with the ability to assess threats specific to executive protection
  • Proficient in utilizing intelligence tools, incident management systems, CCTV, dispatch, and protective intelligence platforms to build POI profiles, case files, and investigative products
Job Responsibility:
  • Monitor global events and provide real-time intelligence and oversight of Figure operations
  • Integrate internal and external intelligence sources to research, analyze, and aggregate threat data related to executive movements, public appearances, and exposure
  • Conduct protective intelligence assessments to identify individuals, groups, or movements posing potential threats to executives, utilizing research skills and behavioral threat analysis techniques
  • Provide direct intelligence support and coordinate with both in-house and third-party security teams, ensuring actionable threat assessments and real-time situational awareness
  • Utilize social media monitoring, Open Source Intelligence (OSINT), and specialized protective intelligence tools to track potential hostile surveillance, protests, threats, or emerging risks to executives and company operations
  • Compile and report on senior executive travel, including upcoming travel reports and daily executive travel briefings to ensure situational awareness
  • Conduct ad-hoc briefings for senior security leadership on unfolding events impacting executives
  • Develop specialized protective intelligence products such as Executive Threat Profiles, Event Risk Assessments, and Protective Travel Advisories
  • Coordinate with GSOC peers to align global incident responses, escalation procedures, and the dispatch of protective services, providing frontline leadership and infusing protective intelligence capabilities across the wider team
  • Serve as a trusted advisor and backup to the GSOC Lead, as needed
  • Fulltime

Program Management Jr Analyst

The Third Party Management Program Execution provides operational support, proce...
Location:
India, Chennai
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Minimum 6+ years of working experience in financial services / Banking industry
  • Professional Qualification preferably CA fresher’s
  • Excellent Communication skills
  • Good excel skills
  • Bachelor’s degree required
  • Professional Qualification – CA preferred
Job Responsibility:
  • Demonstrate Strong knowledge about Third Party Lifecycle Management, Regulatory guidelines Contract Terms & conditions, Information Security, Regulations (OCC, GDPR, Data Privacy Laws, and Country specific Local Laws etc.)
  • Providing process guidance and support to Third Party Officers (TPOs), Business Activity Owners (BAOs) and other business stakeholders on end-to-end Third-Party Management requirements and set up periodical review meeting with all the stakeholders
  • Facilitating and coordinating with various Policy Owners in areas such as Data Privacy, Export Licensing, Information Security and Continuity of Business (CoB)
  • Act as Level 1 Reviewer in the team and understand the nuances of the Third-Party Management process in detail
  • Participates in team meetings to analyze documentation and processes to ensure risks and control points are properly addressed
  • Assists management group in gathering data and information for supervisors reporting and to take ownership of specified projects and tasks
  • Verify if third parties’ policies and procedures are compliant to Citi’s policies and procedures
  • Identify and report gaps if any, to senior management
  • Identify opportunities for better control and productivity enhancement through various process reengineering initiatives and automation projects including but not limited to Robotic Process Automations
  • Analyzing the data and forecast trends with respect to inherent risk associated with third parties and build controls to mitigate such risks
  • Fulltime