Third-Party Cyber Risk Analyst

Third-Party Cyber Risk Analyst

24 Sep 2024
New York, New york city 00000 New york city USA

Third-Party Cyber Risk Analyst

TIAA has a fantastic opportunity for a Third-Party Cyber Risk Analyst. This position will identify and manage potential information security risks to the environment by conducting control assessments, vendor due diligence and identifying remediation action plans to mitigate Information Security risks. This role works under limited supervision and will also support the overall program and process execution of the vendor risk management team and to drive improvements to minimize risk exposure to the organization.Key Responsibilities and Duties

Demonstrates deep understanding of Third-Party Cyber Risk Management practices andprovides guidance to internal partners as required.

Completes Third Party Cyber Risk assessments to identify risks and validates implementedsecurity controls to mitigate those risks.

Builds effective relationships with both internal/external stakeholders.

Collaborates with internal teams and third-party resources to communicate gaps identifiedthrough the assessment and provides recommendations to close the gaps.

Documents and creates issues in the Issue Management system and collaborates with externalpartners to drive remediation of the risks.

Demonstrates effective communication skills to collaborate with representatives of the Lines-of-Business, technology areas, risk partners, and vendors in performing their role.

Demonstrates ability to identify issues, develop plans to resolve, and understands how toescalate when needed.

Applies critical thinking to situations where incomplete / imperfect information is available.

Facilitates implementation of the Cyber organization’s global strategies and initiatives toenhance Information Technology plans, operations, and procedures.

Works with technology and risk partners to create remediation action plans to mitigatecybersecurity risks and governs action plans through until completion.

Collaborates across extended teams to identify optimization opportunities and driveefficiencies within the vendor engagement and vendor due diligence processes.

Maintains and enhances documented policies and procedures.

Breaks down strategic problems and analyzes data and information to provide insights andrecommendations.

Educational Requirements

University (Degree) Preferred

Work Experience

5+ Years Required; 7+ Years Preferred

Physical Requirements

Physical Requirements: Sedentary Work

Career Level8ICQualifications:Required:

Minimum of 5+ years of relevant experience in Third Party Risk Management to include end-to-end vendor risk assessment.

At least three (3) years of experience working with Third Party Risk Management processes, and controls.

Preferred:

Ability to collaborate with all levels of stakeholders both internal/external to the organization.

Ability to communicate both in writing and orally.

Knowledgeable of new/emerging practices within cybersecurity and controls.

Possess technical background in engineering to help identify tools and technologies that can support our Third-Party Risk Management program.

Experience working with Agile teams leveraging industry standard tools including Jira.

#LI-VR1Related SkillsAccountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail-Oriented, General Risk Management, Network Security, Prioritizes EffectivelyAnticipated Posting End Date:2024-10-12Base Pay Range: $104,100/yr. - $167,100/yr.Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location. In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary incentive programs, non-annual sales incentive plans, or other non-annual incentive plans).Company OverviewTIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.Benefits and Total RewardsThe organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates. That’s why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones. Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being. To learn more about your benefits, please review our Benefits Summary (https://www.tiaa.org/public/pdf/benefits-at-a-glance.pdf) .Equal OpportunityWe are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.Read more about the Equal Opportunity Law here (https://www.dol.gov/general/topics/posters) .Accessibility SupportTIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:Phone: (800) 842-2755Email: accessibility.support@tiaa.orgPrivacy NoticesFor Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here (https://www.tiaa.org/public/tiaa-nuveen-privacy) .For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) .For Applicants of Nuveen residing in Europe and APAC, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) .TIAA started out over 100 years ago to help ensure teachers could retire with dignity. Today, many people who work at not-for-profits rely on our wide range of financial products and services to support and strengthen their financial well-being.Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here (https://www.tiaa.org/public/tiaa-nuveen-privacy) .

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) .

For Applicants of Nuveen residing in Europe and APAC, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) .

Nondiscrimination & Equal Opportunity EmploymentTIAA is committed to providing equal opportunity across all employment practices and we believe our employees have a right to a diverse and inclusive workplace.EEO is the Law (https://assets.phenompeople.com/CareerConnectResources/TIAAGLOBAL/documents/22-088EEOCKnowYourRights-1688394514088.pdf)Pay TransparencyPhiladelphia Ban the Box (https://www.phila.gov/media/20210423160847/Fair-Chance-Hiring-law-poster.pdf)

Related jobs

Job Details

Jocancy Online Job Portal by jobSearchi.