Third Party Security Risk Analyst
Posted on Friday, March 24, 2023
Who are we?
UpGuard’s mission is to protect the world’s data. We obsessively seek out elegant, robust ways to enable our customers to find, acknowledge, and remediate cyber risks. With UpGuard, organizations leverage our security expertise and software to automate what was once laborious, spreadsheet-driven processes–whether it's monitoring the attack surface of hundreds of vendors or assessing the security of their own infrastructure. UpGuard is used by some of the world’s largest, fastest-growing, and most innovative companies.
Why are we hiring this role?
We have successfully implemented third-party security managed services for our customers and are looking to scale these efforts therefore need to scale the team!
What will you accomplish?
- Translate complex and technical aspects into a report so that the business can understand it
- Partner with customers to identify, measure and manage Third Party risks and controls
- Assist with standardised reports, templates and scorecards used to inform customers about third-party risks
- Perform data leak searches on each managed service vendor
- Work closely with various teams including, sales and customer success to understand the changing needs of our customers
- Develop and maintain a working knowledge of the emerging financial, operational, third party and regulatory/compliance-related information to contribute to the continuous improvement of the Third Party risk management offering
What do we need from you?
- Knowledge of relevant security frameworks, standards, requirements, and laws e.g. ISO 27001, PCI DSS, APRA CPS 234, NIST CSF etc.
- Thorough understanding of cybersecurity risk management
- 3+ years of experience in Risk Management, Third Party Risk, Auditing or the equivalent
- Understanding of Third Party risk management practices, including the lifecycle of risk identification, treatment, mitigation, acceptance, and remediation as well as inherent and residual risks.
- Have a track record of mastering highly technical problem spaces
- Possess strong written and verbal communication skills, with a talent for precise articulations of customer problems
What would give you an edge?
- Bachelor's Degree in the field of Information Systems or a related major
- Any relevant professional certification, such as Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Regulatory Vendor Program Manager (CRVPM) or Certified Third Party Risk Professional (CTPRP)
- Performed data leaks assessments
- Experience in managing customer expectations
- Experience or a keen interest in cybersecurity
What's in it for you?
- Rapidly growing user base: Work directly with some of the world’s largest, fastest-growing, and most innovative companies
- Interesting problems, at scale: Deeply explore the ever-evolving world of cybersecurity, with a platform processing billions of data points daily
- Learn from industry-leading experts: Our security research has been featured in The New York Times, The New Yorker, The Washington Post, TechCrunch, Bloomberg, Gizmodo, Engadget, Forbes, ZDNet, and The Guardian
- Impact: See the impact of your work on a daily basis, with data and impact available on dashboards you have access to
- Generous compensation: Competetive salary & stock options.
- Great perks: Grocery and gym reimbursements, flexible work arrangements, learning and development stipend, and generous PTO package
My Startup Gig ran an independent review into life at UpGuard. To see what it's like to work at UpGuard, check out their survey results here.
Before starting work with us, you will need to undertake a national police history check and reference checks. Also please note that at this time, we cannot support candidates requiring visa sponsorship or relocation.
UpGuard is an Equal Opportunity Employer and qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.
Please note, at this time we can only support hiring for this role in Australia.