Demo

Lead Third-Party Cyber Risk Analyst

TIAA
Frisco, TX Full Time
POSTED ON 12/27/2024
AVAILABLE BEFORE 2/25/2025
Lead Third-Party Cyber Risk Analyst

TIAA is seeking a Lead Third-Party Cyber Risk Analyst to support their Enterprise Cybersecurity program. This role will conduct and evaluate third party risk assessments covering cyber security, identify information security risks, document issues, identify remediation action plans, and collaborate with internal partners and third parties to mitigate the issues. This is a lead role within the team and will be assigned special projects within Cybersecurity or Third-Party Cyber Risk Management as well as provide Quality Assurance of assessments within the team.

This role will be a key member of our Governance & Risk organization within our Cybersecurity organization. The ideal candidate will have experience within the Cyber Security field, with a focus on Governance, Risk & Compliance. In addition, possess an in-depth understanding of Third-Party Cyber Risk Management practices and experience providing guidance to internal partners. This role requires strong communications skills, both oral and written, with excellent interpersonal, team and organizational skills. The ideal candidate must be able to execute small projects by understanding a problem statement, identifying solutions, and completing the work as part of our Agile team.

This role works under limited supervision and will also support the overall program and process execution of the vendor risk management team and to drive improvements to minimize risk exposure to the organization.

Key Responsibilities and Duties
  • Exhibits a deep understanding of Third-Party Cyber Risk Management practices and provides guidance to internal partners as required.
  • Complete Third-Party Cyber Risk assessments to identify risks and validate implemented security controls to mitigate those risks.
  • Develop and maintain effective relationships with both internal/external stakeholders.
  • Collaborate with internal teams and third-party resources to communicate gaps identified through the assessment and provides recommendations to close the gaps.
  • Document and create issues in the Issue Management system and collaborate with external partners to drive remediation of the risks.
  • Demonstrate effective communication skills to collaborate with representatives of the Lines- of-Business, technology areas, risk partners, and vendors in performing their role.
  • Demonstrates ability to identify issues, develop plans to resolve, and understands how to escalate when needed.
  • Collaborate with technology and risk partners to create remediation action plans to mitigate cybersecurity risks and govern action plans through until completion.
  • Apply critical thinking to situations where incomplete / imperfect information is available.
  • Facilitate implementation of the Cyber organization’s global strategies and initiatives to enhance Information Technology plans, operations, and procedures.
  • Collaborate across extended teams to identify optimization opportunities and drive efficiencies within the vendor engagement and vendor due diligence processes.
  • Maintain and enhance documented policies and procedures.

Educational Requirements
  • University (Degree) Preferred
Work Experience
  • 5 Years Required; 7 Years Preferred
Physical Requirements
  • Physical Requirements: Sedentary Work

Career Level
8IC
Qualifications:
Required:
  • Minimum of 5 years’ experience working in a similar Third-Party Cyber Risk Management role. Possess direct experience with risk assessment methodologies, risk mitigation strategies, and risk reporting.
  • Minimum of 5 years’ experience interfacing and communicating (both verbal and written) with both technical and non-technical stakeholders on articulating risks, mitigation plans, and compliance requirements.
  • Possess the ability to break down strategic problems, analyze data, develop a remediation approach, communicate recommendations, and drive work effort to successful completion.
  • Knowledge of the NIST Risk Management Framework (RMF) and security controls. Must understand the risk management process, risk mitigation, and risk tracking.
Preferred:
  • Minimum of 7 years of experience working in a similar role.
  • Knowledge of new/emerging practices within cybersecurity and controls.
  • Possess technical background and knowledge to help identify tools and technologies that can support our Third-Party Risk Management program.
  • Experience collaborating with Agile teams leveraging industry standard tools and processes.
  • Possess Cyber Security certifications.
#LI-VR1
Related Skills
Accountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail-Oriented, General Risk Management, Network Security, Prioritizes Effectively
Anticipated Posting End Date:
2025-01-18
Base Pay Range: $104,100/yr. - $167,100/yr.
Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location. In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary incentive programs, non-annual sales incentive plans, or other non-annual incentive plans).
_____________________________________________________________________________________________________
Company Overview
Every worker deserves a secure retirement. For more than 100 years, TIAA has delivered it for millions of people. Founded to help educators retire with dignity, today weʼre a market-leading retirement company fueled by world-class asset management. But weʼre not just another legacy financial services firm. Weʼre fighting harder than ever before for our clients and the many Americans who need us.
Benefits and Total Rewards
The organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates. That’s why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones. Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being. To learn more about your benefits, please review our
Benefits Summary
.
Equal Opportunity
We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Accessibility Support
TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.
If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:
Phone: (800) 842-2755
Email:
accessibility.support@tiaa.org

Salary : $104,100 - $167,100

If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Lead Third-Party Cyber Risk Analyst?

Sign up to receive alerts about other jobs on the Lead Third-Party Cyber Risk Analyst career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$58,470 - $77,272
Income Estimation: 
$131,676 - $196,560
Income Estimation: 
$99,138 - $133,641
Income Estimation: 
$75,905 - $103,047
Income Estimation: 
$74,367 - $98,680
Income Estimation: 
$58,470 - $77,272
Income Estimation: 
$131,676 - $196,560
Income Estimation: 
$99,138 - $133,641
Income Estimation: 
$75,905 - $103,047
Income Estimation: 
$74,367 - $98,680
Income Estimation: 
$74,367 - $98,680
Income Estimation: 
$131,676 - $196,560
Income Estimation: 
$99,138 - $133,641
Income Estimation: 
$94,973 - $125,755
Income Estimation: 
$96,228 - $129,772
Income Estimation: 
$96,228 - $129,772
Income Estimation: 
$131,676 - $196,560
Income Estimation: 
$121,926 - $164,179
Income Estimation: 
$124,413 - $154,875
Income Estimation: 
$87,128 - $112,557
Income Estimation: 
$124,413 - $154,875
Income Estimation: 
$131,676 - $196,560
Income Estimation: 
$164,394 - $225,474
Income Estimation: 
$161,616 - $208,121
Income Estimation: 
$87,128 - $112,557
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at TIAA

TIAA
Hired Organization Address Syracuse, NY Full Time
Wealth Management Coach The Director, Wealth Management Coach enables client facing Wealth Management client facing asso...
TIAA
Hired Organization Address Dallas, TX Full Time
Manager, Technology Risk Officer (Enterprise IT Risk) The Technology Risk Officer (Enterprise IT Risk) is responsible fo...
TIAA
Hired Organization Address St. Louis, MO Full Time
This is a Non-Employee Contingent Worker Role providing services for TIAA’s family of companies and will be employed by ...
TIAA
Hired Organization Address Frisco, TX Full Time
The Trust Specialist works on a centralized team and is accountable for providing superior customer service to Trust cli...

Not the job you're looking for? Here are some other Lead Third-Party Cyber Risk Analyst jobs in the Frisco, TX area that may be a better fit.

Third-Party Cyber Risk Analyst

OneThirtyOne LLC, Dallas, TX

Data Analyst (Third Party Risk)

wellsfargo, Dallas, TX

AI Assistant is available now!

Feel free to start your new journey!