Risk Assurance Senior Analyst

Description

• Assisting Procurement risk teams to facilitate risk identification and assessment for Third Party products/services during the on-boarding process.
• Project manage and executing on-going risk assurance activities including re-completion of Cyber Assurance activities and oversight of Businesses to ensure continued compliance with TPRA requirements.
• Project manage the enterprise TPRA service, requirements, procedures, technology, tools and templates.

Key Responsibilities:

• Ensure that third parties are classified based on the inherent and residual cyber risks for the products/services provided.
• Execute cyber assurance activities on behalf of the business and ensure coordination of efforts in a timely manner. This includes, but is not limited to leveraging external security reports, performing remote or on-site deep dive security control evaluation and independent report evaluation.
• Generate key risk metrics, reporting and dashboards, then deliver as applicable to stakeholders.
• Perform Quality Control (QC) and Quality Assurance (QA) on TPRA activities completed throughout the life cycle.
• Oversight of third party data integrity and source of truth management within the TPRA Tool.

Qualifications

• Bachelor's Degree or equivalent work experience
• 3+ years of experience in Third Party Risk Assurance or audit required
• Deep knowledge of cyber security principles and best practices
• Audit background, including familiarity with SOC I (SSAE16 ) and SOC II, ISO 27001, etc. preferred
• Knowledge of insurance industry preferred as well as Third Party Risk Assurance service design and execution