Post a job

Global Third-Party Security Review Lead

Dentons logo

Location
AO, BF + 58 more
Dentons

Job Description

WHY DENTONS

Dentons is designed to be different. We are driven to always be the firm of the future, to challenge the status quo, and to provide holistic business solutions to our clients in new and innovative ways. We are the lightbulb moments. The bold ideas. We are the world's largest global law firm, with 12,000+ people across 80+ countries. Driven by the diverse perspectives of our people, our clients, and our communities, we combine local knowledge with global insight.

ROLE

The role will focus on conducting third-party vendor security assessments and managing supply chain threats from a cyber security perspective. You will assess, track, measure, and report third-party cyber risk across the global organization.

KEY RESPONSIBILITIES ACCOUNTABILITIES

  • Lead the third-party cyber risk management lifecycle, from executing onboarding security reviews to the offboarding of vendors
  • Develop an annual calendar of third-party re-assessment cyber security reviews on cyber risk presented to the organization
  • Define and introduce into production required third-party security assessments based on services consumed by the organization that will complement current security assessments
  • Identify and create appropriate cyber security risk MI across the third-party vendor estate
  • Identify and implement improvements in current third-party processes and procedures
  • Conduct third-party cyber security assessments and identify controls to mitigate cyber risks to the organizations cyber security posture from vendor relationships
  • Follow established third-party cyber security risk management program guidelines to complete the onboarding of third-party vendors
  • Collaborate with internal business teams and various risk/compliance subject matter experts to address and/or mitigate identified or potential cyber security risks
  • Collaborate with various stakeholder teams to identify and communicate cyber security risk from third-party relationships and drive residual risk to acceptable levels
  • Conduct reviews of IS clauses included in third-party contracts to help strengthen legal security posture for the organization
  • Design and deliver training and education of staff in third-party risk management processes as needed
  • Complete tasks with minimal supervision, in a collaborative, supportive environment
  • Perform other cyber security risk duties as needed
  • Lead the third-party cyber risk team members
  • Supervise and manage junior team members

Requirements

SKILLS COMPETENCIES

Technical Skills

  • Skilled in the use of Microsoft Office suite
  • Fluent in English language – written and verbal

Personal Skills and Attributes

  • Strong troubleshooting, reasoning, and problem-solving skills
  • The ability to pick up and quickly understand new concepts and technology
  • Critical thinking and analytical decision making to discover issues and risks pertaining to third-party risk management
  • Team-oriented and skilled in working within a collaborative environment
  • Ability to effectively multi-task, prioritize and execute tasks
  • Ability to work independently and collaborate with geographically dispersed teams
  • A strong work ethic and passion for finding answers
  • Strong Client relationships building skills
  • Stay current with industry trends in third-party and cyber security risk
  • Excellent written and verbal communication, interpersonal and intercultural skills.

EDUCATION, EXPERIENCE CERTIFICATIONS

  • A bachelor’s degree from an accredited college or university
  • At least 3- 5 years’ management experience
  • 5+ years’ experience as a skilled practitioner in third-party or cyber/IS Risk Management
  • Skilled practitioner in identifying cyber security risks in cloud services and providing mitigating controls
  • Skilled practitioner in the mitigation and/or remediation of cybersecurity vulnerabilities
  • Strong practitioner knowledge of third-party risk strategies and best practices
  • Relevant industry certifications e.g., CRISC, CISM, CISA, ISO/IEC 27001 Lead Auditor
  • Working knowledge and experience with industry standards and best practice including the ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018 and NIST Cybersecurity Framework

LANGUAGE CAPABILITIES/INTERNATIONAL EXPERIENCE

We are a truly global law firm and as such, always welcome hearing from those with foreign language capabilities. Additionally, we would be delighted to hear from candidates with a global background including professional experience gained across different geographies.

Benefits

Work from home

Apply for this job

Expired?

Please let Dentons know you found this job with RemoteJobs.org. This helps us grow!

About the job

Feb 17, 2025

Full-time

  1. AO Angola
  2. BF Burkina Faso
  3. BI Burundi
  4. BJ Benin
  5. BW Botswana
  6. CD Congo - Kinshasa
  7. CF Central African Republic
  8. CG Congo - Brazzaville
  9. CI Côte d’Ivoire
  10. CM Cameroon
  11. CV Cape Verde
  12. DJ Djibouti
  13. DZ Algeria
  14. EG Egypt
  15. EH Western Sahara
  16. ER Eritrea
  17. ET Ethiopia
  18. GA Gabon
  19. GH Ghana
  20. GM Gambia
  21. GN Guinea
  22. GQ Equatorial Guinea
  23. GW Guinea-Bissau
  24. IO British Indian Ocean Territory
  25. KE Kenya
  26. KM Comoros
  27. LR Liberia
  28. LS Lesotho
  29. LY Libya
  30. MA Morocco
  31. MG Madagascar
  32. ML Mali
  33. MR Mauritania
  34. MU Mauritius
  35. MW Malawi
  36. MZ Mozambique
  37. NA Namibia
  38. NE Niger
  39. NG Nigeria
  40. RE Réunion
  41. RW Rwanda
  42. SC Seychelles
  43. SD Sudan
  44. SH St. Helena
  45. SL Sierra Leone
  46. SN Senegal
  47. SO Somalia
  48. SS South Sudan
  49. ST São Tomé & Príncipe
  50. SZ Eswatini
  51. TD Chad
  52. TF French Southern Territories
  53. TG Togo
  54. TN Tunisia
  55. TZ Tanzania
  56. UG Uganda
  57. YT Mayotte
  58. ZA South Africa
  59. ZM Zambia
  60. ZW Zimbabwe
RemoteJobs.org mascot