Risk Management Analyst Cybersecurity and Third-Party Risk

Overview

On Site
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 1 year

Skills

cissp
compliance
Risk Identification
cybersecurity
mitigation
CRISC
CGRC
Risk Management Analyst
Third-Party Risk
CTPRA
and vendor security evaluation.
third-party risk and vendor security evaluation.
cyber risk management

Job Details

Role: Risk Management Analyst Cybersecurity & Third-Party Risk

Location: Jefferson City, MO (Onsite) Duration: 12 14 Months Certifications Preferred: CRISC, CGRC, CISSP, CTPRA

???? Purpose of the Role

The State of Missouri is launching a comprehensive Third-Party Risk Management (TPRM) Program to address rising cybersecurity threats from external vendors and service providers. This initiative supports compliance with NIST SP 800-53 Rev. 5 and aims to standardize risk identification, mitigation, and monitoring across state agencies.

????? Key Responsibilities

  • Define objectives for risk identification, mitigation, compliance, and vendor security evaluation.
  • Conduct gap analysis and develop standardized TPRM policies and procedures.
  • Implement risk evaluation methods (e.g., questionnaires, audits, third-party data).
  • Build a vendor assessment framework based on industry standards and best practices.
  • Utilize tools like UpGuard to perform initial vendor risk analysis.
  • Pilot the vendor assessment process and refine based on findings.
  • Evaluate framework effectiveness and finalize implementation strategy.
  • Deliver train-the-trainer sessions and create a comprehensive process manual.

? Required Qualifications

  • 2+ years of experience in cyber risk management or cybersecurity.
  • Strong understanding of third-party risk and vendor security evaluation.

???? Preferred Certifications

  • CRISC Certified in Risk and Information Systems Control
  • CGRC Certified in Governance, Risk and Compliance
  • CISSP Certified Information Systems Security Professional
  • CTPRA Certified Third Party Risk Assessor

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.