Post a job

Job has expired

This job post is expired and is no longer taking new applicants.

Return home Find similar jobs

Third Party Security Risk Analyst

UpGuard logo

Location
United States
Base Salary
110k-120k USD
UpGuard

Job Description

Who are we?

UpGuard’s mission is to protect the world’s data. We obsessively seek out elegant, robust ways to enable our customers to find, acknowledge, and remediate cyber risk. With UpGuard, organizations leverage our security expertise and software to automate what was once laborious, spreadsheet-driven processes–whether it's monitoring the attack surface of hundreds of vendors or assessing the security of their own infrastructure. UpGuard is used by some of the world’s largest, fastest-growing, and most innovative companies.
Our Product team at UpGuard comprises of our Product Management, Product Support, Engineering, Design, Data Leaks Detection, and Third Party Risk Management Services. Our Product team’s vision is to become the leader in the Cyber VRM category by providing a best-in-class SaaS platform for organizations to manage their third-party risk and external attack surface. Our purpose as a Product team is simply to build a product that enables this. We aim to build a product that users love and come to rely on, and one that regularly and consistently improves.

Why are we hiring for this role?

We have successfully implemented third-party security managed services for our customers and are looking to scale these efforts therefore need to scale the team!

What will you accomplish?

  • Translate complex and technical aspects into a report so that the business can understand it.
  • Partner with customers to identify, measure, and manage third-party risks and controls.
  • Assist with standardized reports, templates, and scorecards used to inform customers about third-party risks.
  • Perform data leak searches on each managed service vendor.
  • Work closely with various teams including, sales and customer success to understand the changing needs of our customers.
  • Develop and maintain a working knowledge of emerging financial, operational, third-party party, and regulatory/compliance-related information to contribute to the continuous improvement of the third-party risk management offering.

What do we need from you?

  • Knowledge of relevant security frameworks, standards, requirements, and laws e.g. ISO 27001, PCI DSS, APRA CPS 234, NIST CSF, etc.
  • Thorough understanding of cybersecurity risk management.
  • 3+ years of experience in risk management, third-party risk, auditing, or the equivalent.
  • Understanding of third-party risk management practices, including the lifecycle of risk identification, treatment, mitigation, acceptance, and remediation as well as inherent and residual risks.
  • Have a track record of mastering highly technical problem spaces.
  • Possess strong written and verbal communication skills, with a talent for precise articulations of customer problems.

What would give you an edge?

  • Bachelor's Degree in the field of Information Systems or a related major.
  • Any relevant professional certification, such as Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Regulatory Vendor Program Manager (CRVPM) or Certified Third Party Risk Professional (CTPRP).
  • Have performed data leak assessments.
  • Experience in managing customer expectations.
  • Experience or a keen interest in cybersecurity.

What's in it for you?

  • Rapidly growing user base: Work directly with some of the world’s largest, fastest-growing, and most innovative companies.
  • Interesting problems, at scale: Deeply explore the ever-evolving world of cybersecurity, with a platform processing billions of data points daily.
  • Learn from industry-leading experts: Our security research has been featured in The New York Times, The New Yorker, The Washington Post, TechCrunch, Bloomberg, Gizmodo, Engadget, Forbes, ZDNet, and The Guardian.
  • Impact: See the impact of your work daily, with data and impact available on dashboards you have access to.
  • Generous compensation: The salary range for this role is between $110,000 and $120,000. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience.
  • Great perks: Health, dental, and vision insurance, monthly wellness and grocery subsidies, WFH set-up allowance, and generous learning and development budget.
UpGuard is a Certified Great Place to Work® in the US, Australia, UK and India, establishing its position as a leading global technology employer. 99% of team members agree that UpGuard is a great place to work, apply now to find out why!
As an Equal Employment Opportunity and Affirmative Action Employer, qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.
For applications to positions in the United States, please note, at this time we can only support hiring in the following US states: CA, MD, MA, IL, OR, WA, CO, TX, FL, PA, LA, MO, DC or NV.
Before starting work with us, you will need to undertake a national police history check and reference checks. Also please note that at this time, we cannot support candidates requiring visa sponsorship or relocation.

Advice from our career coach

As someone who has worked in various industries and understands the importance of data security, I would advise any applicant looking to stand out for the Third-Party Risk Analyst position at UpGuard to focus on highlighting their expertise in risk management, cybersecurity, and relevant security frameworks such as ISO 27001 and NIST CSF. Here are some specific tips to help you shine as an applicant:

  • Clearly demonstrate your knowledge and understanding of cybersecurity risk management and third-party risk practices.
  • Showcase your experience in translating technical information into reports that are easily understood by a non-technical audience.
  • Highlight any relevant certifications you may have, such as CISM, CISA, CISSP, or CRISC, to demonstrate your commitment to professional development in the field.
  • Emphasize your track record of mastering highly technical problem spaces and your ability to communicate effectively with both technical and non-technical stakeholders.
  • If you have performed data leak assessments or have experience in managing customer expectations, make sure to include these details in your application to give you an edge over other candidates.

Apply for this job

Expired?

Please let UpGuard know you found this job with RemoteJobs.org. This helps us grow!

About the job

Jul 19, 2024

Full-time

110k-120k USD

  1. US United States
RemoteJobs.org mascot