Tcpr Analyst

4 months ago

Singapore CXC Global Full time

Key Responsibilities:

  • Manage inherent risk ranking of ALL suppliers in compliance with the Global Third-Party Cyber Risk policy, liaising with the Global Third-Party team and Business relationship Owners.
  • Conduct risk assessments of Cloud providers.
  • Identify, track, and manage issues and control deficiencies related to Third Parties, supporting remediation activities with business owners.
  • Maintain and manage the Information Security Third Party Inventory and the Issues Register in coordination with the Enterprise Risk Management strategy.
  • Execute Third Party Cyber Risk assessments initiated by the business.
  • Oversee Third Party assessments meeting applicable SLAs.
  • Review information security policies, standards, guidelines, and baselines in place and being developed.
  • Contribute to Security Awareness Training and reduce Third Party risk to acceptable levels.
  • Assist with internal security reporting, including steering committees and updates for senior management.
  • Manage Third-Party related information security projects.
  • Develop and enhance the program for improved efficiency.
  • Provide support to the TPCR Regional Lead and engage with the wider Information Security team.

Experience:

  • High level of business acumen, preferably in a regulated/financial industry.
  • 5+ years of information security experience with a focus on risk assessments, controls, governance, program development, compliance, and/or auditing. Previous experience supporting or managing a Third-Party risk assessment program is essential.
  • Expertlevel knowledge of business and technical aspects of information security, including thirdparty security risk and European data protection regulation.
  • Strong ability to understand and analyze complex business processes and technologies for sound recommendations to nontechnical stakeholders.
- eGRC system or similar system administration experience is a plus.

  • Experience reviewing and redlining agreements is a plus.
  • Excellent time management, organizational, interpersonal, customer service, and conflict management skills.
  • Excellent written and verbal communication skills.
  • Proficient use of personal computers and Microsoft Office Suite.