Tcpr Analyst
4 months ago
Singapore
CXC Global
Full time
Key Responsibilities:
- Manage inherent risk ranking of ALL suppliers in compliance with the Global Third-Party Cyber Risk policy, liaising with the Global Third-Party team and Business relationship Owners.
- Conduct risk assessments of Cloud providers.
- Identify, track, and manage issues and control deficiencies related to Third Parties, supporting remediation activities with business owners.
- Maintain and manage the Information Security Third Party Inventory and the Issues Register in coordination with the Enterprise Risk Management strategy.
- Execute Third Party Cyber Risk assessments initiated by the business.
- Oversee Third Party assessments meeting applicable SLAs.
- Review information security policies, standards, guidelines, and baselines in place and being developed.
- Contribute to Security Awareness Training and reduce Third Party risk to acceptable levels.
- Assist with internal security reporting, including steering committees and updates for senior management.
- Manage Third-Party related information security projects.
- Develop and enhance the program for improved efficiency.
- Provide support to the TPCR Regional Lead and engage with the wider Information Security team.
Experience:
- High level of business acumen, preferably in a regulated/financial industry.
- 5+ years of information security experience with a focus on risk assessments, controls, governance, program development, compliance, and/or auditing. Previous experience supporting or managing a Third-Party risk assessment program is essential.
- Expertlevel knowledge of business and technical aspects of information security, including thirdparty security risk and European data protection regulation.
- Strong ability to understand and analyze complex business processes and technologies for sound recommendations to nontechnical stakeholders.
- Experience reviewing and redlining agreements is a plus.
- Excellent time management, organizational, interpersonal, customer service, and conflict management skills.
- Excellent written and verbal communication skills.
- Proficient use of personal computers and Microsoft Office Suite.