Lead Analyst, Security Strategy & Assurance
Ladders · United States · 5 days ago
RemoteRemoteBusiness Development$100k–$130k/yrFull-time
Responsibilities
- Own and enhance the Third Party Risk Management (TPRM) program with a focus on strategy and frameworks
- Lead vendor risk assessments and develop scalable processes that accommodate growth
- Identify and rectify gaps in TPRM practices relative to industry standards
- Collaborate with various teams to integrate risk requirements in vendor selection and contracts
- Maintain vendor risk inventory and report statuses to leadership effectively
- Monitor regulatory developments impacting third-party risks
- Evolve the enterprise risk register, ensuring consistent risk management across units
- Facilitate risk workshops and validate control effectiveness with leaders
- Develop and report on key risk indicators and connectivity to business outcomes
- Integrate risk management into business planning and initiatives early in the process
- Enhance compliance programs for certifications and act as the audit contact for related controls
- Translate emerging regulations into actionable program changes and improve compliance documentation
- Identify inefficiencies in workflows and spearhead improvements to processes
- Lead GRC tooling optimization ensuring efficient platform use
- Establish scalable operating procedures for risk activities and track operational metrics for program health
Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience
- 7-10 years in information security, risk management, or compliance with 3-4 years in third-party/vendor risk
- Proven experience in enhancing a TPRM program including risk tiering and remediation management
- Strong knowledge of enterprise risk management frameworks (NIST RMF, ISO 31000, COSO) and security control frameworks (ISO 27001, SOC 2, NIST CSF)
- Experience leading internal and external audits for certifications like SOC 2 and ISO 27001
- Ability to operate autonomously on complex projects and drive cross-functional initiatives
- Excellent communication skills
Pay
$100,000 – $130,000 annually
Schedule
Remote - US based candidates only, no visa sponsorship available