Third-Party Cybersecurity Risk Management Analyst

Overview

Remote
$80,000 - $100,000
Full Time

Skills

CISSP
Cyber Security
Risk Assessment
Vendor Management

Job Details

We have a Third-Party Cybersecurity Risk Management Analyst contract position with our direct client,, that I m hoping you ll be interested in. Please have a look at the details below, and if you'd like to interview, then fill in the attached application form and get it back to me today along with your current resume in Word format. I'm happy to answer any questions you have.

Title: Third-Party Cybersecurity Risk Management Analyst (Specialist)

Work Location: Remote (may require 2 days per month onsite in Jefferson City)

Contract Duration: 8+ months

Pay: Please provide your expected pay in the attached form

Job Description:

We are looking for a Cyber Risk & Third-Party Risk Management Analyst to support our cybersecurity initiatives and strengthen our vendor risk management framework. The candidate will play a key role in assessing, developing, and implementing a standardized approach to managing third-party risks across multiple agencies.

Required Experience (5+ years):

  • Experience in Cyber Risk Management or Cyber Security.
  • Experience deploying Third-Party Risk Management programs.
  • Experience reviewing existing vendor management processes, identifying gaps in third-party cybersecurity practices, and creating robust processes, procedures and guidelines for a standardized and consistent approach to third-party risk management.
  • Experience developing comprehensive frameworks for vendor assessments, incorporating best practices in risk management.
  • Experience developing detailed documentation for a standardized approach to the Third-Party Risk Management program.
  • Experience conducting train-the-trainer sessions for staff and designing process manuals.

Preferred Certification:

  • Certifications in cyber risk management or cybersecurity, such as CRISC, CGRC, CISSP.
  • Certifications in third-party risk assessment, such as CTPRA.

Responsibilities:

  • Review existing vendor management processes across the agencies.
  • Identify gaps in third-party cybersecurity practices
  • Create robust processes, procedures and guidelines for a standardized and consistent approach to third-party risk management.
  • Develop and implement risk evaluation methods, including questionnaires, audits, or third-party data.
  • A comprehensive framework for vendor assessment will be created, incorporating best practices in risk management.
  • Develop detailed documentation for a standardized approach to the Third-Party Risk Management program.
  • Create a vendor risk categorization system (High, Medium, Low) to classify vendors based on their impact on operations.
  • Assist in deploying the program in a pilot.
  • Iterate based on feedback and extend across other agencies.

Conduct train-the-trainer sessions for staff and provide a process manual

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.