Jobs · Finance · Illinois

Third Party Risk Manager

Crowe · Chicago, IL · 5 days ago
Finance$105k–$214k/yrFull-time

Job Description

The position will be primarily responsible for managing and leading the assessment of the information security posture of key clients' third parties while overseeing the overall execution, quality, and delivery of assessments.

  • Leading Third Party Risk Assessments by evaluating third-party questionnaire responses, performing control validation, and assessing documentation per established procedures and standards
  • Managing and overseeing assessment teams, project timelines, and client deliverables across multiple engagements
  • Performing and overseeing site visits to third-party facilities
  • Evaluating the effectiveness of security controls for compliance with applicable policies, security laws, regulations, and industry standards
  • Assessing cloud technologies such as Software as a Service (SaaS) hosted applications, Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) deployments
  • Documenting information security risk and compliance findings, presenting recommendations for remediation, and communicating results to client leadership
  • Performing quality assurance reviews of assessments completed by team members to ensure consistency and accuracy
  • Delivering high-quality, executive-level reports and presentations
  • Coordinating schedules, resource allocation, and assessment activities for key third-party clients while overseeing all key deliverables
  • Supporting business development initiatives, client relationship management, and practice growth efforts
  • Mentoring, coaching, and developing staff and senior consultants within the practice

Basic Qualifications

  • Bachelor’s Degree
  • Information Technology and/or Cybersecurity background and/or experience, including 5–8+ years of IT, cybersecurity, risk management, or third-party risk experience with network, platform, and/or application technology
  • One or more of the following certifications required: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Third Party Risk Assessor (CTPRA), Certified in Risk and Information Systems Control (CRISC) preferred
  • Strong knowledge of security domains such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, cloud security, or web security
  • Working knowledge of one or more compliance frameworks such as SOC 2, ISO 27001, NIST, HIPAA, PCI DSS, or HITRUST
  • Experience managing multiple projects and teams in a fast-paced consulting environment
  • Demonstrated leadership experience overseeing project execution, client relationships, and team performance
  • Prominent ability to learn new technologies and systems, especially through independent research and self-study
  • Strong verbal and written communication skills with the ability to present technical information to both technical and executive audiences
  • Able to manage project schedules, budgets, staffing, and client expectations
  • Ability to travel domestically an average of 20%–50% per year

Preferred Qualifications

  • Bachelor’s and/or advanced degree with a concentration in Cybersecurity, Risk Management, Computer Science, Management Information Systems, or related field
  • Experience working with or assessing third-party vendors and service providers
  • IT or cybersecurity experience at a leading public company, consulting firm, or regulated industry organization
  • Experience with Archer, ProcessUnity, ServiceNow, OneTrust, or other GRC/VRM platforms
  • Experience leading teams and mentoring junior professionals in a consulting or advisory environment
  • Bilingual capabilities preferred
  • Open to remote work arrangements

Similar jobs

Third-Party Risk Manager

Sumitomo Mitsui Trust Bank Limited New York BranchNew York, NY· 1 wk ago
Management$50/hrapply on workforcenow.adp.com