Hiring : Third-Party Cyber Risk Professional

Hiring : Third-Party Cyber Risk Professional
Location: Mumbai, India
Company: CyberPwn
Job Type: Full-time
Experience Level: 4-6 years of relevant experience
Education: Bachelor’s degree in Finance, Information Security, Cybersecurity, or a related field
Joining: Immediate

About CyberPwn:

CyberPwn is a leader in providing cutting-edge cybersecurity solutions to businesses worldwide. We specialize in offering robust and innovative services to help companies mitigate risks associated with technology and third-party engagements. Our team of experts is dedicated to protecting the digital assets and sensitive information of our clients by implementing comprehensive cybersecurity measures.

Position Overview:

We are seeking an experienced Financial Analyst with a strong focus on Third-Party Cyber Risk to join our dynamic team in Mumbai. The ideal candidate will have 4-6 years of relevant experience in conducting complex business and technology risk assessments, specifically related to third-party vendors. This role requires an individual with a solid understanding of cybersecurity frameworks, IT infrastructure, and excellent communication skills.

Key Responsibilities:

• Third-Party Risk Management: Conduct thorough and complex business and technology risk assessments related to third-party vendors. You will be responsible for evaluating and managing risks associated with third parties, ensuring that all potential threats are identified and mitigated effectively.
• IT and IS Controls Review: Regularly review and audit IT and Information Security (IS) controls to ensure compliance with industry standards and internal policies. The candidate must be proficient in identifying control weaknesses and recommending actionable solutions.
• Cybersecurity Framework Knowledge: Possess a solid understanding of the NIST Cybersecurity Framework or equivalent standards. You will apply this knowledge to evaluate third-party cybersecurity practices, ensuring they align with organizational and regulatory requirements.
• Firewall and Proxy Management: Demonstrate expertise in firewall and proxy configurations. The candidate should be capable of reviewing and analyzing firewall rules to ensure they are optimized for security and compliance.
• Excel Proficiency: Utilize advanced Excel skills to analyze and present complex data. The candidate should be comfortable with using Excel for risk assessments, data analysis, and reporting.
• Communication Skills: Exhibit strong written and verbal communication skills. You will be required to prepare detailed reports, present findings to management, and communicate effectively with both technical and non-technical stakeholders.
• Cyber Risk Assessments: Conduct comprehensive third-party cyber risk assessments to identify, evaluate, and prioritize potential risks. You will collaborate with cross-functional teams to develop strategies for mitigating identified risks.
• IT Infrastructure Risk Assessment: Perform risk assessments of key applications and IT infrastructure. This involves identifying vulnerabilities, assessing their impact, and recommending appropriate risk mitigation measures.
• Reporting and Compliance: Periodically prepare and present reports on IT security compliance, risk management, and the overall security posture to senior management. You will ensure that the organization’s cybersecurity practices are transparent and well-documented.
• Security Gap Analysis: Continuously monitor and analyze the security posture of the organization and its third parties. You will be responsible for identifying potential security gaps, reporting them to management, and ensuring that remediation efforts are implemented effectively.
• Proof of Concept (PoC) Support: Assist in various Proof of Concept (PoC) activities related to Information Security tools. This includes evaluating new technologies, testing their effectiveness, and making recommendations for their adoption.

Qualifications:

• Bachelor’s degree in Finance, Information Security, Cybersecurity, or a related field.
• 4-6 years of relevant experience in risk management, cybersecurity, or IT audit.
• Proficiency in the NIST Cybersecurity Framework and knowledge of IT controls.
• Strong analytical skills with expertise in Excel.
• Excellent communication skills, both written and verbal.
• Hands-on experience with firewall and proxy management.
• Demonstrated ability to assess and manage third-party cyber risks.

How to Apply:

If you are interested in this challenging and rewarding role, please direct message us or share your resume at talent.acquisition@cyberpwn.com.