Overview
On Site
Full Time
Skills
IT risk
Security controls
Incident management
Cyber security
Cloud security
Identity management
Risk management
Vulnerability management
Architectural design
Network analysis
Customer Care and Billing
Management
eXist
Planning
Reporting
Operations
Policies
Finance
Agile
Network
FOCUS
Regulatory Compliance
Training
Job Details
Job Description:
The third party risk and controls management analyst will be responsible for conducting deep dive technical risk reviews of our highest risk suppliers Working across multiple systems of record, this role will identify areas of technical risk to the business by analyzing IT architectures, security controls, evolving industry practices, etc and document where controls do not exist or need improvement These technical deep-dive reviews will then been evaluated against technical and business resilience planning, incident response plans, and cyber intelligence reporting.
Requirement:
Additional Skills:cloud security, identify and access management, third party risk management, vulnerability management
Security
System Analyst
Technical
TOols/ Technology
Strong working knowledge of operations practices,
risk management processes, principles, architectural
requirements and threats and vulnerabilities in the
context of Cybersecurity as well as incident response
handling methodologies as they apply
Strong knowledge of national and international laws,
regulations, policies and ethics as they relate to
Cybersecurity and specifically in the financial
industry
Expert in their field; keeps technical skills current,
participates in multiple forums
May be multi-skilled across the full range of team
functions
Strong understanding of Agile, with the ability to
work under at least one of the common frameworks
Knowledge of what constitutes a network attack and
the relationship to both threats and vulnerabilities
along with the ability to identify systemic security
issues
Provides in-depth analysis of vulnerabilities, threats,
designs, procedures and architectural design with
focus on recommendations for enhancements or
remediation with skill in using network analysis tools
Compliance required for local, country, and/or
region specific standards for credentials,
certifications and/or training.
The third party risk and controls management analyst will be responsible for conducting deep dive technical risk reviews of our highest risk suppliers Working across multiple systems of record, this role will identify areas of technical risk to the business by analyzing IT architectures, security controls, evolving industry practices, etc and document where controls do not exist or need improvement These technical deep-dive reviews will then been evaluated against technical and business resilience planning, incident response plans, and cyber intelligence reporting.
Requirement:
Additional Skills:cloud security, identify and access management, third party risk management, vulnerability management
Security
System Analyst
Technical
TOols/ Technology
Strong working knowledge of operations practices,
risk management processes, principles, architectural
requirements and threats and vulnerabilities in the
context of Cybersecurity as well as incident response
handling methodologies as they apply
Strong knowledge of national and international laws,
regulations, policies and ethics as they relate to
Cybersecurity and specifically in the financial
industry
Expert in their field; keeps technical skills current,
participates in multiple forums
May be multi-skilled across the full range of team
functions
Strong understanding of Agile, with the ability to
work under at least one of the common frameworks
Knowledge of what constitutes a network attack and
the relationship to both threats and vulnerabilities
along with the ability to identify systemic security
issues
Provides in-depth analysis of vulnerabilities, threats,
designs, procedures and architectural design with
focus on recommendations for enhancements or
remediation with skill in using network analysis tools
Compliance required for local, country, and/or
region specific standards for credentials,
certifications and/or training.