Third-Party Risk Analyst
Location: Chicago (Hybrid: 2 days on-site)
Salary: Competitive base with bonus
Glocomms are partnered with a global financial services trading firm in the search for a Third-Party Risk Analyst. The firm trades a variety of asset classes such as Commodities, Equities, Fixed Income, ETF's, FX, and more, and have a broad portfolio of clients which they have built over the last three decades.
This is an exciting opportunity for a junior-mid level Third Party Risk Analyst with a security focus to join a fast-paced and diverse trading firm.
Responsibilities:
- Drive the Third-party Security Risk Management program.
- Conduct risk assessments on vendors including sending, receiving, and processing questionnaires from vendors.
- Monitor vendors continuously for potential risks and vulnerabilities.
- Interpreting SOC 2, ISO, SIG reports to validate controls evidence requests.
- Validate the ability to manage vendor admin access, monitoring and logging, MFA, and various other critical controls areas during the onboarding process.
- Ensure vendor issues are tracked and remediated.
- Escalate issues to senior members of the team accordingly.
- Collaborate with vendor relationship owners and technology stakeholders within DRW to determine the inherent risk of vendors.
Qualifications
- 2-3+ years' experience in a vendor risk management, information security analyst/consulting, security control testing, internal audit, or similar type of role.
- Knowledge of control frameworks such as NIST, ISO27001, CSA, CIS, SiG, etc.
- Understanding of how to interpret vendor responses.
- Knowledge of vendor risk management best practices.
- Seek to continuously improve knowledgebase and understanding of cybersecurity best practices and news.
- A confident individual who is hungry to learn, progress, and not afraid to ask questions.
This is an exciting opportunity for somebody who is looking for the next step in the career focusing on Third Party Risk Management within a highly reputable trading firm based in Chicago. If you are interested in this position, please apply and Akash Solankee from the Glocomms Cyber & Information Security team will reach out to you directly.