Energy

Third-Party Risk Consultant

Contract

Strategic Staffing Solutions

Third-Party Risk Consultant

Location: Houston, TX

The Third-Party Risk Consultant is responsible for analyzing and implementing strategies for third-party cyber security risk management. This role involves supporting the organization in establishing frameworks and processes for evaluating and mitigating risks associated with external partners and vendors. The Third-Party Risk Consultant will also on an as needed basis manage cyber breach incidents from detection through to resolution, ensuring minimal impact on operations in collaboration with cybersecurity operations and cendor management stakeholders.

Key job responsibilities:

  • Develops and implements third-party risk management strategies and frameworks in line with organizational objectives and compliance requirements.
  • Designs and manages processes for continuous monitoring and evaluation of third-party risks, ensuring effective mitigation strategies are in place.
  • Collaborates with internal teams to align third-party risk management practices with overall cybersecurity initiatives and business strategies.
  • Provides expert advice and guidance to leadership on emerging trends, best practices, and regulatory requirements related to third-party risk management.
  • Act as the primary coordinator for managing and responding to cyber breach incidents involving third-party vendors and suppliers.
  • Work closely with the cybersecurity operations to analyze breach incidents, understand their implications, and develop tailored response strategies.
  • Develops training and awareness programs focused on third-party risk management to enhance organizational understanding and capability in managing external risks. Required qualifications:
  • Minimum 3-5 years of experience in Information Technology, with a focus on third-party risk management or related fields.
  • Strong understanding of third-party risk management principles and practices, including risk assessment, monitoring, and mitigation strategies.
  • Knowledge of relevant industry policies, standards, and controls (e.g., NIST, ISO 27001, COBIT) with a specific focus on third-party risk management aspects.
  • Familiarity with key concepts related to IT security and data management, especially as they pertain to third-party and vendor relationships.
  • Relevant certifications are desirable, such as Certified Third-Party Risk Professional (CTPRP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC).

Job ID: JOB-234677
Publish Date: 29 Mar 2024

Tagged as: Third-Party Risk Consultant