- Directly responsible for performing security due diligence risk assessments on new and existing third parties against First Quality policies as well as leading industry practices
- Identify third party risks, appropriate risk levels, and recommend remediation or mitigation strategies to the business
- Present issues to the business and 3rd parties and obtain corrective action plans
- Track and follow up on corrective action plans and review evidence for closure
- Work with business and project teams to ensure security controls are built into IT functional specifications using leading industry practices
- Review documentation associated with third party risk assessments to identify non-conformances
- Establish and maintain Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Third-Party Risk Management Program and initiatives
- Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure and risk
- Perform maintenance and configuration changes, as necessary, in the Third-Party Risk Management platform
- Update procedure documentation to incorporate process changes
- Drive relevant stakeholder participation in evaluation of risk and control effectiveness
- Maintain expertise on security trends through training, research, and development to mitigate potential security exposures
- Liaise with key functional teams such as HR, IT, OT, Digital Strategy, Finance, Enterprise Risk, Quality, Office of General Counsel and relevant business stakeholders to perform third party security reviews on their new and existing vendors and identify risks that require remediation
- Occasional travel: up to 15%
- 5 years' experience working directly in an Information Security, Information Technology or Operational Technology department with involvement in the Third-Party Risk Management Program
- Experience working with any Third-Party Risk Management platform is preferred
- Experience securing or assessing SCADA/OT systems and vendor solutions is a plus
- Working knowledge of security technologies and controls in the following areas: Operational Technology/SCADA systems, cloud computing, mobile device management, identity and access management, emerging technologies
- Working knowledge of the following types of assessment reports: Standard Information Gathering (SIG), SOC 1 and 2 reports, CAIQ
- Working knowledge of the following frameworks and regulations: ISO 27001/2, NIST 800-53, NIST CSF, Standard of Good Practice, HIPAA HiTrust
- Bachelor's degree in management information systems, computer science, cyber security or equivalent
- Ability to work independently and under the guidance of a direct supervisor
- Ability to prioritize and multitask; a work approach that supports flexibility and adaptability is paramount
- Excellent written and oral communications skills; ability to lead discussions, present ideas to audiences of all sizes, and interact with all levels of the organization
- Ability to communicate security technical risks to non-technical business stakeholders
- Proficiency with the Microsoft Office suite
- Professional security management certification (CompTIA Security+, CISSP, CISA, or equivalent), or working towards certification, is preferred
Third Party Risk Management Analyst - Pennsylvania, United States - First Quality
Description
First Quality was founded in 1989 and, in nearly three decades, has grown to be a global privately held company with over 4,000 employees. Its corporate offices are located in Great Neck, New York, with manufacturing facilities and offices in Pennsylvania, South Carolina, Georgia, and Canada. First Quality is a diversified family of companies manufacturing consumer products ranging from Absorbent Hygiene (adult incontinence, feminine care, and baby care), Tissue (bath and towel), and Industrial (print and packaging materials), serving institutional and retail markets throughout the world. First Quality focuses on private label and branded product lines.
Our core business philosophy is built on a proud culture driven by safety and quality, respect, humility, integrity, customer focus, and teamwork. With leading edge manufacturing technologies and processes and visionary leadership, First Quality is positioned to continue significant growth in the coming years.
Information Security Third Party Risk Management Analyst
This position is responsible for managing the daily operations of the Information Security Third Party Risk Management (TPRM) program within the Information Security Governance, Risk and Compliance (IS GRC) team. This position has several principal responsibilities as outlined below. This position reports to the Manager of Information Security GRC.
ESSENTIAL DUTIES AND RESPONSIBILITIES
The Information Security Third Party Risk Management Program Analyst will be tasked with running the day-to-day third-party assessments by working alongside the Third Party Risk Lead and Manager of Information Security GRC. The Analyst will be responsible for the day-to-day vetting operations of the Third-Party Risk Management Program which includes risk assessments for vendor applications, software, systems, contractors and consultants. This role will be responsible for ensuring sound security practices are built in throughout the third parties' lifecycle.
Activities include:
Requirements:
QUALIFICATIONS:
The estimated annual base salary range for this position is $110,000 - $120,000.
Base pay is only part of our total compensation package, which also includes an attractive annual discretionary bonus and a robust suite of employee benefits for which you are eligible to participate in starting on your first day of employment.
Base pay offered will be determined on an individualized basis and we will consider your location, experience, and other job-related factors.
First Quality is committed to protecting information under the care of First Quality Enterprises commensurate with leading industry standards and applicable regulations. As such, First Quality provides at least annual training regarding data privacy and security to employees who, as a result of their role specifications, may come into contact with sensitive data.
First Quality is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, sexual orientation, gender identification, or protected Veteran status.