Jobs · Finance · Illinois

Third-Party Cyber Risk Specialist

Cboe Global Markets · Chicago, IL · 3 wk ago
HybridFinance$84k–$109k/yrFull-time

Role Overview

The Global Third-Party Risk Management Team is seeking a Third-Party Cyber Risk Specialist to assist in executing the risk management program for third-party vendors and service providers. This position includes conducting comprehensive risk assessments, ensuring compliance with Cboe and industry security standards, monitoring vendor relationships, and addressing client due diligence inquiries to mitigate potential risks to the organization.

Cboe’s Third Party Cyber Risk Specialist will specifically focus on cyber threats and vulnerabilities within the third-party ecosystem. Candidates must be able to quickly adjust to changing priorities and adapt to an evolving business environment.

  • Manage incoming client requests (such as assessments, questionnaires, etc.), prioritize and triage requests to appropriate teams, and validate non-disclosure agreements.
  • Facilitate communication between business, legal, technology, and information security teams to validate questionnaire responses and fulfill general requests related to controls defined by Cboe’s standards and policies.
  • Serve as a point of contact for internal stakeholders for client due diligence inquiries, ensuring timely and accurate responses.
  • Function as the subject matter expert for the response management software used for managing and responding precisely and quickly to client due diligence questionnaires.
  • Manage and maintain a standardized library of responses for client due diligence questionnaires, ensuring accuracy and consistency.
  • Collaborate with internal experts to update and refine responses as needed.
  • Absorb and process information and documentation from third party vendors/suppliers.
  • Conduct third-party risk assessments and due diligence reviews.
  • Analyze security information to identify significant control or security gaps and report findings to senior team members.
  • Perform comprehensive security reviews of potential and existing third-party vendors using questionnaires and security tools to evaluate their cybersecurity controls and identify potential risks.
  • Analyze identified risks from third parties and prioritize them based on their potential impact and likelihood of occurrence; create remediation plans accordingly.
  • Continuously monitor third-party vendors' security posture through regular assessments, vulnerability scans, and incident reporting to maintain a consistent level of security.
  • Cook up with internal security team to respond to cyber incidents involving third-party vendors, providing necessary support for investigation and remediation.
  • Aid team with onboarding new vendor relationships.
  • Assist with regulatory exams by obtaining documentation and drafting responses to regulator inquiries.
  • Perform additional activities as needed.

Requirements

  • Bachelor’s Degree or equivalent work experience in a relevant field.
  • 3+ years’ experience in third-party risk management, vendor management, security incident response, cyber management or comparable field required.
  • Strong understanding of cybersecurity principles, including application security, access control, and incident response.
  • Knowledge of compliance and regulatory frameworks (e.g., NIST, SOC 2, GDPR, ISO 27001).
  • Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-function teams.
  • Ability to work independently and manage multiple assignments/projects simultaneously.
  • Experience conducting vendor risk assessments.
  • Experience with third party/vendor risk management platforms is a plus.

Benefits and Perks

  • Fair and competitive salary and incentive compensation packages with an upside for overachievement.
  • Generous paid time off, including vacation, personal days, sick days and annual community service days.
  • Health, dental and vision benefits, including access to telemedicine and mental health services.
  • 2:1 401(k) match, up to 8% match immediately upon hire.
  • Discounted Employee Stock Purchase Plan Tax Savings Accounts for health, dependent and transportation.
  • Employee referral bonus program.
  • Volunteer opportunities to help you give back to your communities.

About Cboe Global Markets

We’re reimagining the future of the workplace by focusing on what matters most, our people. Our journey is an inclusive one. We’re investing deeply in leadership programs and career development initiatives that ensure everyone has an equal chance to succeed. We work with purpose, solving problems with ingenuity, collaboration, and a lot of passion. We’re an engaged and excited team connecting markets across borders and embracing growth in all its forms to achieve incredible outcomes.

Equal Employment Opportunity

We're proud to be an equal opportunity employer do not discriminate against any employee or applicant for employment based on any legally protected characteristic, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or Veteran status. We are committed to fostering a workplace where all individuals are valued and respected.

Similar jobs