Vendor Risk Analyst (Associate)

United States, Dallas
Job ID: 2142

Job Description

[c. $130-170k Comp Package | Onsite Working]

Our client, a leading global investment bank, is seeking an experienced Vendor Cyber Risk Professional to support their Technology Risk Advisory function in delivering top-tier advisory support and technology solutions across Information Security risk domains. The ideal candidate will have a deep understanding of relevant regulations, be skilled at conducting risk assessments, and have a proven track record of helping counterparts effectively manage risk.

Key Responsibilities:

  • Shape the Vendor Technology Risk strategy and lead a team in assessing and managing vendor Information Security Risk across the firm
  • Oversee Vendor Technology Risk initiatives and assessments, including evaluations of logical security controls, Cloud, Mobile, and Application security
  • Conduct cyber-focused risk assessments and recommend mitigating controls, going beyond just GRC
  • Collaborate with Legal to develop and review Information Security contractual requirements
  • Provide guidance on emerging technologies (e.g., Cloud computing/AI) and assess associated risks
  • Ensure alignment of Technology Risk's role within the Procurement process

Key Requirements:

  • 6+ years of experience in Vendor Cyber Risk Management, with a strong technical foundation
  • Solid grasp of Information Security controls and their implementations, beyond just TPRM
  • Extensive experience working with NIST/ISO/Regulatory frameworks, ideally in financial services
  • Proficiency in conducting cyber-focused risk assessments and recommending mitigating controls
  • Proven track record of implementing well-recognised risk management frameworks
  • Working knowledge of the regulatory landscape and its impact on the vendor ecosystem
  • Bachelor's degree in Computer Science, System/Computer Engineering, Cyber-Security, Information Security, Information Technology, or Risk Management
  • (Preferred) Prior experience conducting IT/cyber security audits
  • (Preferred) Relevant certifications such as CISA, CRISC, CISM, or CISSP

