Software Guidance & Assistance, Inc., (SGA), is searching for a
Cybersecurity Incident and Risk Manager for a
CONTRACT assignment with one of our premier
Financial Services clients in
Alpharetta, GA. Fusion TPCR team is responsible for analysis and triaging of cyber intelligence pertaining to Firm's third-party events / incidents and vulnerabilities. This includes determining required response actions, evaluating potential Firm impact & exposure, and performing internal and external outreach to understand the impact.
Key Focus Areas: - Vendor cyber security related events and vulnerabilities related analysis, triaging, outreach , escalation and reporting.
- Explore automation to enhance efficiency and quality of various team processes.
- Collaboration with relevant stakeholders to identify and enhance the Third-Party Cyber event and incident process.
Responsibilities :
- Perform initial triage to understand the scope of services provided by the potentially impacted third party, including identification of Firm systems and applications potentially impacted.
- Initiate outreach to the vendor to confirm whether third party and Firm have been impacted.
- Establish clear communication channels for timely follow-ups, updates and escalation.
- Apply foundational knowledge of attack vectors, techniques, and phases across network, cloud, and OS environments, as deemed required for incident management.
- Coordinate with multiple internal teams throughout the incident lifecycle until closure.
- Ensure alignment on remediation, communication, and reporting requirements.
- Identify cybersecurity, operational, reputational risks related to Firm's third-party and Nth-party relationships.
- Fulfil periodic reporting obligations.
- Maintain comprehensive documentation for audit trail, throughout incident lifecycle as required.
- Identify unique use cases, improvement scope in current process, document lessons learned and recommend process improvements to prevent recurrence.
- Regularly review and update Team Procedures and Runbook as required.
Required Skills:
- 8+ years of relevant experience in financial industry / technology, either in Incident Management or Third Party Risk Management (including Vendor Risk Assessments) fields.
- Strong understanding of cybersecurity principles, ability to analyse threat intelligence and vendor reports.
- Excellent communication and presentation skills-both written and verbal; must be comfortable interacting with all management levels and a global workforce (strong English proficiency is essential).
- Strong data analysis and reporting capabilities.
- Proficiency with Microsoft Office (Excel, Word, PowerPoint); familiarity with ProcessUnity or ServiceNow is a plus.
- A detail oriented, accurate, tenacious, and delivery focused mindset.
- Basic knowledge of attack vectors and phases, and flexibility to work in shifts.
Preferred Skills:
- Industry Certification such as CISA, CISSP, CISM, CRISC an advantage
- Experience with Python development.
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.