Skip to content
Senior Third-Party Cyber Risk Analyst
| Company | TIAA |
|---|
| Location | Frisco, TX, USA |
|---|
| Salary | $79900 – $121400 |
|---|
| Type | Full-Time |
|---|
| Degrees | |
|---|
| Experience Level | Senior |
|---|
Requirements
- 3+ years of experience working in a similar Third-Party Cyber Risk Management role.
- 3+ years of experience interfacing and communicating (both verbal and written) with both technical and non-technical stakeholders on articulating risks, mitigation plans, and compliance requirements.
- Must have knowledge and understanding of Cybersecurity Frameworks including NIST CSF, ISO 27001/SOC2, PCI DSS and CIS Critical Security Controls.
- Possess direct experience with risk assessment methodologies, risk mitigation strategies, and risk reporting.
- Possess the ability to understand complex issues, analyze data, develop a remediation approach, communicate recommendations, and drive work effort to successful completion.
- Understanding of AI concepts and how to apply AI to risk assessments, threat intelligence and to enhance third-party risk management processes.
Responsibilities
- Conduct 3rd Party Cyber Risk Assessments to ensure our vendor’s security policies and controls are aligned to TIAA standards.
- Identify gaps through the assessment, recommend mitigation strategies, Document issues in the Issue Management System, and drive mitigation efforts in collaboration with the internal and external partners.
- Develop and maintain effective relationships and demonstrate effective communication skills to collaborate with representatives of the Lines- of-Business, technology areas, risk partners, and vendors in performing their role.
- Contribute to our efforts to transform the Third-Party Cyber Risk Management program leveraging AI and technical capabilities to reduce risk across our Third-Party ecosystem.
- Apply critical thinking to situations where incomplete / imperfect information is available.
- Collaborate with security teams to investigate and respond to security incidents that may impact our vendor ecosystem.
Preferred Qualifications
- 5+ years of experience working in a similar role.
- Possess technical background and knowledge to help identify tools and technologies that can support our Third-Party Risk Management program.
- Experience collaborating with Agile teams leveraging industry standard tools and processes.
- Possess Cyber Security certifications.
