
09 - Senior Specialist, IT Risk and Compliance
10 hours ago
Summary
We are seeking a highly motivated and experienced Senior Analyst to join our Third Party IT Risk Management team. This role is responsible for identifying, assessing, and mitigating information technology risks associated with our third-party relationships. The ideal candidate will possess a strong understanding of IT risk management frameworks, cybersecurity principles, and relevant regulatory requirements. You will play a crucial role in protecting our organization's data and systems by ensuring our vendors and partners adhere to our security standards.
Detailed Description
Performs tasks such as, but not limited to, the following:
- Vendor Risk Assessment: Conduct comprehensive IT risk assessments of new and existing third-party vendors. This includes evaluating their security policies, procedures, and controls against industry best practices and our internal security requirements.
- Due Diligence: Perform initial and ongoing due diligence on third-party vendors to ensure their security posture remains strong throughout the vendor lifecycle.
- Contract Review: Collaborate with legal and procurement teams to review and negotiate IT security-related clauses in third-party contracts and agreements.
- Continuous Monitoring: Implement and manage a continuous monitoring program to track the security performance of critical vendors. This includes analyzing security ratings, vulnerability reports, and incident notifications.
- Incident Response: Act as a key point of contact for any security incidents involving third-party vendors. This includes coordinating response efforts and ensuring timely resolution.
- Reporting: Develop and maintain risk dashboards and reports for senior management, providing a clear view of the third-party risk landscape.
- Policy and Procedure Development: Contribute to the development and enhancement of our third-party IT risk management policies, standards, and procedures.
Knowledge/Skills/Competencies
- Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
- Experience: 10-15 years of experience in IT risk management, cybersecurity, or a related field, with a specific focus on third-party risk management.
- Framework Knowledge: In-depth knowledge of IT risk management frameworks such as NIST (800-53, CSF), ISO 27001, and COBIT.
- Regulatory Familiarity: Understanding of relevant data privacy and protection regulations (e.g., GDPR, CCPA).
- Technical Skills:
  - Proficiency with third-party risk management tools and platforms.
  - Strong understanding of network security, cloud security, application security, and data protection principles.
  - Experience with security assessment methodologies and tools.
- Soft Skills:
  - Excellent analytical and problem-solving skills.
  - Strong written and verbal communication skills, with the ability to effectively communicate technical concepts to both technical and non-technical audiences.
  - Proven ability to manage multiple projects and priorities in a fast-paced environment.
  - Strong interpersonal skills with the ability to build and maintain effective working relationships with internal and external stakeholders.
Physical Demands
- Duties of this position are performed in a normal office environment.
- Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.
Typical Experience
- Certifications: Professional certifications such as CRISC, CISM, CISA, or CISSP are highly desirable.
- Industry Experience: Experience working in manufacturing and regulated industries (e.g., finance, healthcare) is a plus.
Typical Education
Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
Experience: 10-15 years of experience in IT risk management, cybersecurity, or a related field, with a specific focus on third-party risk management.
Notes
This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.