Associate - Cyber Risk - Subsidiary Risk Assessment

Cyber Associate

Key Responsibilities and Duties
- Assists in the development of cyber risk strategies and develops identity and access programs and expands the organization's network security.
Coordinates activities within the lifecycle of cybersecurity projects for medium and enterprise size clients.
- Utilizes cyber security analytics and ethical hacking techniques and ensures system information is protected and secure.

Educational Requirements
- University (Degree) Preferred

Work Experience
- 2+ Years Required; 3+ Years Preferred

Physical Requirements
- Physical Requirements: Sedentary Work

Career Level

6IC

The Info Security Analyst will be responsible for supporting the Cybersecurity Supplier Assessment Team within Client Services & Technology (CS&T). This position will support the execution of the Cybersecurity Supplier Assessment Service Offering, which is responsible for ensuring there is a process to assess critical third-party vendors and suppliers, as well as subsidiaries, and determine if they have controls in place to protect company and customer confidential information in compliance with regulatory guidelines and corporate policies. The Cybersecurity Supplier Assessment Team’s responsibilities are aligned to the Enterprise Vendor Management Program and Supplier Risk Management framework and work closely with Legal, Privacy, Line of business, and Enterprise Risk.
- Day-to-day operations and execution of Cybersecurity Third Party and Subsidiary Risk Assessments:
- Maintain and perform assessments on the existing the suppliers and subsdiaries that are used by the firm-
- Manage and perform assessments on new supplier requests-
- Cybersecurity assessment due diligence may include:- Partnering with line of business (LOB) to identify/determine inherent cyber risk of supplier-
- Completing assessment/Coordinating with assessor to execute assessment-
- Identify/Review risk issues and gaps-
- Partner with LOB to provide guidance for residual risk mitigation and to review supplier’s issue closure evidence-
- Communicate effectively with representatives of the Lines of Business, technology specialists, risk partners, and vendors; escalate when needed- Develop and drive program efficiencies:
- Develop deep understanding of third-party and subsidiary risk program and provide guidance to internal partners-
- Identify process improvements throughout the end to end Cybersecurity third party and subsidiary risk assessment process-
- Collaborate across extended teams to drive efficiencies within the supporting system (Archer), overall supplier engagement, and supplier due diligence-
- Maintenance and enhancements to the documented policies and procedures- Reporting and metrics:
- Monitoring and reporting on program compliance and performance-
- Drive metric maturity and automation focused on risk-
- Assist with assembling periodic metric reporting to be presented to associated LOBs, Sr. Management and Risk Committees- Contract reviews:- #LI-RK1

___________________________________________________

Company Overview

TIAA GBS India was established in 2016 with a mission to tap into a vast pool of talent, reduce risk by insourcing key platforms and processes, as well as contribute to innovation with a focus on enhancing our technology stack. TIAA GBS India is focused on building a scalable and sustainable organization, with a focus on technology, operations and expanding into the shared services business space.

Working closely with our U.S. colleagues and other partners, our goal is to reduce risk, improve the efficiency of our technology and processes and develop innovative ideas to increase throughput and productivity.

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Accessibility Support

Phone: (800) 842-2755

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click

here


For Applicants of TIAA, Nuveen and Affiliates residing in California, please click

here


For Applicants of Nuveen residing in Europe and APAC, please click

here


For Applicants of Greenwood residing in Brazil (English), click

here


For Applicants of Greenwood residing in Brazil (Portuguese), click

here


For Applicants of Westchester residing in Brazil (English), click

here


For Applicants of Westchester residing in Brazil (Portuguese), click

here

.