TPRM Information Security Finding Management
1 month ago
Job Title
TPRM Information Security Finding Management - Assistant Vice President Management
Role Summary & Role Description
- Provide thought leadership, expert oversight and direction to business stakeholders on the risk assessment and areas of non-compliance
- Collaborate with relevant business function and TPRM risk domain stakeholders to enable effective and efficient risk mitigation
- Develop, maintain, improve and implement operating manuals and standards related to TPRM Findings ManagementÂ
- Flexibility in working outside of direct responsibilities to support emerging TPRM program requirement changes.
- Attend the risk assessment closure meetings and review issues and remediation plans related to third-party engagements. Responsible for challenging the findings appropriateness and accuracy and quality of the documentation (e.g. issue criteria, condition, cause, consequence; consistency of the issue rating; residual risk, appropriate risk event description; design of remediation activities, etc)
- Support issue owners in technical understanding of the finding, assess the impact and likelihood, expected remediation actions and accordingly help prepare a management response.
- Reviewing materials in support of issue closure or risk acceptance. Verify that evidence submitted with the closure request adequately supports completion of all remediation plan(s), including evidence of operational implementation. For risk acceptance, confirm approval documentation is complete and accurate in Archer.
- Follow-up with issue owner and internal risk teams to facilitate timely closure/risk acceptance of open issues and periodic reassessment of risk acceptances.
- Prepare risk metrics and executive dashboards for presentation to relevant management and risk committees.
- Regularly assess TPRM Findings Management processes, procedures, tools and technology integrations and drive associated improvements that optimize business outcomes, increase compliance and enhance cross functional insights.
Core/Must have skills
10+ years' experience in security infrastructure and network security control system risk assessment and / or management, utilizing ICS â CERT cybersecurity frameworks and standards such as NIST, ISO, NERC SIP, ISA/IEC.
Key technical skills include knowledge of network security, system administration, risk management, vulnerability assessment, and IT security testing.
Experience of working with stakeholders, third-party vendors, internal teams to address security risk and vulnerabilities.
Good to have skills.
In addition to technical skills, strong non-technical skills such as critical thinking, problem-solving, attention to detail, and communication skills.    Â
Industry certifications like CISSP-ISSMP, CISM, CISSP, CISA, CompTIA Network+, CompTIA CYSA, or related cycbersecurity certifications is preferred
Work Schedule
Hybrid
Keywords (If any)
Information security risk, security infrastructure / network security vulnerability issue management, third party cyber risk assessment Â
Why this role is important to us
State Street uses third-party vendors to support internal processes and to assist in delivery of products and services to clients. In order to effectively manage the risks introduced by working with third-party service providers, State Street has a Third-Party Risk Management (TPRM) program for conducting risk assessments and subsequent findings management. The findings management process is often an exercise in project management all on its own and the dedicated TPRM Findings Management team has primary responsibility of this project leading to mitigation of Third-Party risk in collaboration with relevant internal stakeholders.
The successful candidate will demonstrate a strong grasp of multiple risk disciplines and related control expectations pertaining to the financial services industry, particularly in the information security, privacy, resiliency, and compliance risk areas.Â
About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, weâre making our mark on the financial services industry. For more than two centuries, weâve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance and savings plans, among other perks. Youâll have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employeesâ diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Discover more at StateStreet.com/careers
-
Third-Party Risk Management
6 days ago
Hyderabad, India Live Connections Full timeJob Description:We are seeking a talented and experienced Third-Party Risk Management (TPRM) Consultant with a primary focus on vendor risk assessment and vendor onboarding processes. The ideal candidate will have a strong background in risk management, with specific expertise in assessing and onboarding third-party vendors across various business functions....
-
Third-Party Risk Management
6 days ago
Hyderabad, India Live Connections Full timeJob Description: We are seeking a talented and experienced Third-Party Risk Management (TPRM) Consultant with a primary focus on vendor risk assessment and vendor onboarding processes. The ideal candidate will have a strong background in risk management, with specific expertise in assessing and onboarding third-party vendors across various business...
-
Third-Party Risk Management
7 days ago
Hyderabad, India Live Connections Full timeJob Description: We are seeking a talented and experienced Third-Party Risk Management (TPRM) Consultant with a primary focus on vendor risk assessment and vendor onboarding processes. The ideal candidate will have a strong background in risk management, with specific expertise in assessing and onboarding third-party vendors across various business...
-
Third-Party Risk Management
6 days ago
Hyderabad, India Live Connections Full timeJob Description: We are seeking a talented and experienced Third-Party Risk Management (TPRM) Consultant with a primary focus on vendor risk assessment and vendor onboarding processes. The ideal candidate will have a strong background in risk management, with specific expertise in assessing and onboarding third-party vendors across various business...
-
Third-Party Risk Management
6 days ago
Hyderabad, India Live Connections Full timeJob Description: We are seeking a talented and experienced Third-Party Risk Management (TPRM) Consultant with a primary focus on vendor risk assessment and vendor onboarding processes. The ideal candidate will have a strong background in risk management, with specific expertise in assessing and onboarding third-party vendors across various business...
-
Senior GRC Analyst
1 month ago
Hyderabad, India Micron Full timeOur vision is to transform how the world uses information to enrich life for all. Micron Technology is a world leader in innovating memory and storage solutions that accelerate the transformation of information into intelligence, inspiring the world to learn, communicate and advance faster than ever. JR52649 Senior GRC Analyst KEY RESPONSIBILITIES ...
-
Senior GRC Analyst
4 weeks ago
hyderabad, India Micron Full timeOur vision is to transform how the world uses information to enrich life for all. Micron Technology is a world leader in innovating memory and storage solutions that accelerate the transformation of information into intelligence, inspiring the world to learn, communicate and advance faster than ever. JR52649 Senior GRC Analyst KEY RESPONSIBILITIES ...
-
Information Security GRC Manager
12 hours ago
Hyderabad, India IQ-EQ Full timeJob DescriptionResponsibilities (how we will measure success)To provide second line support for all aspects of the Group’s Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on Info Sec programme governance and oversight.Working as part of the Group...
-
Information Security GRC Manager
2 days ago
Hyderabad, India IQ-EQ Full timeJob DescriptionResponsibilities (how we will measure success)To provide second line support for all aspects of the Group’s Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on Info Sec programme governance and oversight.Working as part of the Group...
-
Information Security GRC Manager
2 days ago
hyderabad, India IQ-EQ Full timeJob DescriptionResponsibilities (how we will measure success) To provide second line support for all aspects of the Group’s Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on Info Sec programme governance and oversight. Working as part of the Group...
-
Senior Information Security Analyst
4 weeks ago
Hyderabad, India IQ-EQ Full timeJob DescriptionOutline of responsibilitiesWe are hiring an Information Security Analyst to work in our growing IT Security team. You will monitor our digital environment for security issues, respond to security requests, install and operate security software, and document any security issues or breaches you find. To do well in this role you should have a...
-
Information Security Lead
4 weeks ago
Hyderabad, India GCC SERVICES Full timeThe Information Security Lead will be responsible for providing leadership in the areas of Information Governance, Data Protection, and Cyber Security. This role involves developing and implementing policies, and ensuring compliance with relevant legislation and standards where we operate. The Information Security Lead will play a crucial role in...
-
Senior Information Security Analyst
1 month ago
Hyderabad, India IQ-EQ Full timeJob DescriptionOutline of responsibilitiesWe are hiring an Information Security Analyst to work in our growing IT Security team. You will monitor our digital environment for security issues, respond to security requests, install and operate security software, and document any security issues or breaches you find. To do well in this role you should have a...
-
Senior Information Security Analyst
4 weeks ago
hyderabad, India IQ-EQ Full timeJob DescriptionOutline of responsibilities We are hiring an Information Security Analyst to work in our growing IT Security team. You will monitor our digital environment for security issues, respond to security requests, install and operate security software, and document any security issues or breaches you find. To do well in this role you should have a...
-
Information Security Lead
1 month ago
hyderabad, India GCC SERVICES Full timeThe Information Security Lead will be responsible for providing leadership in the areas of Information Governance, Data Protection, and Cyber Security. This role involves developing and implementing policies, and ensuring compliance with relevant legislation and standards where we operate. The Information Security Lead will play a crucial role in...
-
Information Security Lead
1 month ago
Hyderabad, India GCC SERVICES Full timeThe Information Security Lead will be responsible for providing leadership in the areas of Information Governance, Data Protection, and Cyber Security. This role involves developing and implementing policies, and ensuring compliance with relevant legislation and standards where we operate. The Information Security Lead will play a crucial role in...
-
Head - Information Security
2 weeks ago
Hyderabad, India Future India Services Full timeRoles and Responsibilities :- Establish, Maintain and oversee the information security program across the organization- Develop and Implement security policies, procedures, standards and guidelines to protect the company's information assets- Identify and mitigate security risks and ensure compliance with relevant regulations and standards- Work with...
-
Head - Information Security
1 month ago
hyderabad, India Green Arrow Career Services Full timePosition : Head of Information SecurityLocation : HyderabadExperience : 15 to 18 yearsIT/Software Development : Network Description :Requirements and Qualifications :- A minimum of 15 years of IT experience, with at least 10 years in an information security role and at least 5 years in a supervisory capacity.- A bachelor's degree in information systems or...
-
Head - Information Security
2 weeks ago
Hyderabad, India Green Arrow Career Services Full timePosition : Head of Information SecurityLocation : HyderabadExperience : 15 to 18 yearsIT/Software Development : Network Description :Requirements and Qualifications :- A minimum of 15 years of IT experience, with at least 10 years in an information security role and at least 5 years in a supervisory capacity.- A bachelor's degree in information systems...
-
Head - Information Security
2 weeks ago
Hyderabad, India Green Arrow Career Services Full timePosition : Head of Information SecurityLocation : HyderabadExperience : 15 to 18 yearsIT/Software Development : Network Description :Requirements and Qualifications :- A minimum of 15 years of IT experience, with at least 10 years in an information security role and at least 5 years in a supervisory capacity.- A bachelor's degree in information systems...
