- Supporting and contributing to third-party security risk management in complex engineering and industrial environments and performing third-party security risk assessments.
- Ensuring suppliers comply with BH information and cyber security policies.
- Leading and performing security risk assessments of third-party suppliers.
- Tracking supplier assessment results until closure.
- Identifying high-risk suppliers based on BH priorities and policies.
- Identifying areas for technical and process improvement and interacting with relevant company functions.
- Maintaining timely communication with Supplier, Business, and Sourcing references.
- Supporting and contributing to KRI metrics to help drive the third-party security risk program and reporting.
- Supporting and contributing to the development and implementation of third-party security risk requirements including policies, procedures, and standards.
- Providing subject matter expertise on issue remediation for security gaps identified in security risk assessments.
- Leading and supporting training sessions on third-party security risk to internal teams and stakeholders.
- Delivering timely and concise communication, including developing and producing reports, illustrating status, trends, and action plans to support the third-party security risk program.
To be successful in this role you will:
- Have a bachelor's degree in Computer Science or a STEM-related field.
- Have a minimum of 5 years of professional experience in Third Party Risk Management.
- Have exposure to industry compliance frameworks and compliance regulations (ISO27001/2, NIS 2, NIST CSF/800-53).
- Have excellent interpersonal and team-player skills, with the ability to mediate conflicts, recognize options, and propose and implement solutions.
- Be a self-starter requiring minimal supervision.