Third-Party Risk Analyst Job at Robert Half (Baltimore)

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...

Location

France , Paris

Salary:

Not provided

Ledger

Expiration Date

Until further notice

Requirements

Master degree in Information Security, Cybersecurity, or a related field
5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.

Job Responsibility

Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
Develop and implement risk mitigation strategies to address identified vulnerabilities
Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.

What we offer

Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
Flexibility: A hybrid work policy
Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
Well-being: Personal development, coaching & fitness with our dedicated partners
Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
High tech: Access to high performance office equipment and gadgets
Transport: Ledger reimburses part of your preferred means of transportation
Discounts: Employee discount on all our products.

Fulltime

Third Party Risk Management Intermediate Analyst

Opportunity to work in a dynamic team that supports every business and functions...

Location

India , Chennai

Salary:

Not provided

Citi

Expiration Date

Until further notice

Requirements

2-5 years relevant experience working on project management activities including regulatory change and remediation work
Good at stakeholder management and working collaboratively with partnering teams to achieve an outcome
Good Excel and Powerpoint skills
Bachelor’s/University degree

Job Responsibility

Ensure effective adherence to local and global third-party risk management regulations, policies, and standards
Provide active support to Cluster and Country Third Party Governance Forums, facilitating communication and collaboration
Collaborate closely with stakeholders across the Europe Cluster, including country-level teams, to ensure alignment with the TPM framework and address any compliance gaps
Proactively identify and escalate potential risks and compliance issues to relevant stakeholders, including In-Business Risk, Third Party Officers, and Business Activity Owners
Continuously monitor Key Risk Indicators (KRIs) to identify emerging third-party risks
Conduct thorough root cause analyses to understand underlying issues and develop effective mitigation strategies
Critically evaluate existing TPM practices and identify opportunities for improvement
Lead initiatives to enhance standards, procedures, controls, and governance processes, ensuring the ongoing sustainability and optimization of the TPRM program in Malaysia
Provide expert guidance and support to country business teams on interpreting and implementing Third Party Risk Management policies, regulations, and local procedures
Collaborate with internal and external stakeholders, including Independent Operational Risk Management, Compliance, Internal Audit, and Regulators, to facilitate audits, regulatory examinations, and information requests

Fulltime

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...

Location

France , Paris

Salary:

Not provided

Ledger

Expiration Date

Until further notice

Requirements

Master degree in Information Security, Cybersecurity, or a related field
5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels

Job Responsibility

Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
Develop and implement risk mitigation strategies to address identified vulnerabilities
Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
Participate in audits as part of the Privacy audit program according to the agreed annual audit plan

What we offer

Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
Flexibility: A hybrid work policy
Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
Well-being: Personal development, coaching & fitness with our dedicated partners
Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
High tech: Access to high performance office equipment and gadgets
Transport: Ledger reimburses part of your preferred means of transportation
Discounts: Employee discount on all our products

Fulltime

Cybersecurity Third-Party Risk Analyst

We are seeking a detail-oriented and security-conscious Cybersecurity Third-Part...

Location

United States , Tempe

Salary:

Not provided

Circle K

Expiration Date

Until further notice

Requirements

Bachelor’s degree in cybersecurity, information technology, risk management, or a related field
2-4 years of experience in cybersecurity risk assessment, vendor risk management, or a similar role
Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, SOC 2, CIS, GDPR, HIPAA)
Familiarity with third-party risk management platforms and security assessment tools
Ability to analyze security reports and communicate risk findings effectively
Strong problem-solving skills and attention to detail
Excellent verbal and written communication skills.

Job Responsibility

Conduct comprehensive security assessments of third-party vendors to identify potential risks and vulnerabilities
Evaluate vendor security policies, procedures, and controls to ensure compliance with company and industry standards
Develop and maintain third-party cybersecurity risk management (TPCRM) frameworks, policies, and procedures
Work closely with procurement, legal, and cybersecurity compliance teams to integrate security requirements into vendor contracts
Monitor vendor security performance using automated tools, questionnaires, and periodic audits
Stay updated on cybersecurity threats, regulatory requirements, and best practices for third-party risk management
Collaborate with internal teams to address security concerns related to third-party vendors
Maintain foundational documentation related to the third-party process
Provide recommendations and remediation guidance to vendors with identified security gaps.

Program Management Analyst

The Program Management Analyst - C10 will be responsible for executing day-to-da...

Location

India , Chennai

Salary:

Not provided

Citi

Expiration Date

Until further notice

Requirements

Minimum 8 years of working experience in Financial services / Banking industry with strong knowledge of banking regulatory requirements
Preferred 3+ years of direct, relevant experience in third-party risk identification and management, operational risk management, compliance and/or audit
Knowledge of third-party management risk and control methodologies and best practices
Bachelor’s degree required
Master’s degree or any other equivalent is preferred

Job Responsibility

Facilitate Citi businesses’ ongoing compliance with Third Party Management requirements outlined in Citi policies and standards
Providing process guidance and support to Third Party Officers (TPOs), Business Activity Owners (BAOs), and other business stakeholders on end-to-end Third Party Management requirements and set up periodical review meetings
Execute various third-party risk assessment controls as identified by the Third Party Risk Assessment Process and provide guidance to TPU Process Analysts on process execution
Verify if all critical data fields are captured accurately while onboarding the suppliers into Master supplier database and Payment systems
Ensure that all suppliers are screened against the Negative/SDN list on a periodic basis and escalate any positive matches to senior management
Verify if third parties’ policies and procedures are compliant with Citi’s policies and procedures and report gaps to senior management
Partner with Sourcing and Business and provide approval to sign contracts once all due diligence activities are completed and gaps are remediated
Undertake onsite Reviews and Video conferencing sessions with Third Parties to perform Risk Management activities
Review the contractual terms and conditions agreed between Citi and third party and perform controls checks
Perform Quality Check on the control assessments performed by TPU Risk Analysts and provide guidance

What we offer

Equal opportunity employer
Accessibility accommodations for persons with disabilities

Fulltime