Third Party Cybersecurity Risk - Emerging Industries Sr Staff (Leading Advisory Firm)

New York, NY

Posted: 09/19/2018 Employment Type: Direct Hire Job Category: Information Security Job Number: 73
Job Type: Full Time or Contract
Location(s): Chicago, New York, or LA

Job Description and Synthesis
The position will be primarily responsible for assessing the information security posture of key clients’ third parties and coordinating the overall execution and delivery of assessments. The position will work within a team at a client or third party site and be responsible for leading the effort to identify key risks and information security gaps. Projects would be performed through interacting with the client’ s IS and Business Unit leadership, as well as the client’ s vendors, service providers, and partners.

Specific Responsibilities
Specific projects may include:
  • Conducting a Third Party Technology Risk Assessment
  • Performing due diligence on an individual third party relationship to assess the technology risks
  • Performing a site visit to a third party facility
  • Assessing cloud technologies such as Software as a Service (SaaS) hosted applications, Platform as a Service (PaaS), and Infrastructure as a Service deployments (IaaS)
  • Coordinating the schedules and assessments for key third party clients and overseeing all key deliverables
  • Delivering high quality, thorough reports

Key Qualifications
  • Bachelor' s Degree and/or advanced degree with a concentration in: Data Analytics, Computer Science, Management Information Systems, or Statistics/Mathematics is required
  • Information Technology and/or Cybersecurity background and/or experience, including 2-4 years IT experience with network, platform, and/or application technology
  • IT experience at a leading industry public company is preferred. This might include either IT auditing or being a member of an IT or Cybersecurity team
  • Experience managing multiple projects, in a fast paced environment is required
  • Proven ability to learn new technologies and systems, especially through independent research and self-study
  • Background in Information Security and/or willingness to learn Information Security based on a solid IT foundation
  • Experience with Life Sciences organizations and Quality Management Systems (preferred, but not required)
  • Any experience working with or assessing third party vendors is preferred but not required
  • Willingness to obtain the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) designations
  • This position requires travel, primarily domestic
  • Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web services is preferred
  • Ability to communicate technical information verbally and through written documentation
  • Ability to manage project schedules and client expectations
  • Ability to travel an average of 30%-50% per year
cybersecurity, information security, CISSP, or CISA

Spencer Knibbe
Managing Partner

Spencer is the Founder and Managing Partner of MBK Search, LLC - an executive search firm that specializes in the governance, risk, compliance, and cybersecurity market space. Prior to founding MBK, Spencer was Head of Operational Risk at Bridgewater Associates. Before moving to Bridgewater, Spencer was the Head of Risk for ICAP, Plc covering the Americas Region. He started his career in venture capital as an investment associate.

Spencer graduated from Harvard University in 2001 and resides in Ridgefield, CT with his wife and two sons.

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.