Third-Party Security Risk Analyst
- Employer
- Blue Cross Blue Shield of ND
- Location
- Fargo, North Dakota
- Salary
- Join our team!
View more
- Industry
- Financial Services and Banking
- Role
- Law Enforcement / Security
- Job Type
- Long-Term
- Hours
- Full Time
You need to sign in or create an account to save a job.
Job Details
Job Summary
The Third-Party Security Risk Analyst is responsible for effectively evaluating, assessing, and reporting on third-party risks ensuring vendors and/or potential new services are securely implemented. This role partners with business owners across the organization to identify, analyze and mitigate third-party risk and drives process and control enhancements, providing expertise and guidance in risk/controls and the development of action plans.
Essential Functions
Knowledge, Skills and Abilities
Research and Data Analysis
Intermediate
Attention to Detail and Accuracy
Advanced
Collaboration
Intermediate
Communication (Verbal/Written)
Advanced
Technical/Professional Knowledge and Skills
Intermediate
Relationship Management
Intermediate
Education Requirements
Required: Bachelor's
Preferred: Bachelor's
Field(s) of Study: Business, Information Security, Information Technology, Computer Science, Finance or related field
Experience Requirements
Required: Minimum of 4 Years
Preferred: Minimum of 6 Years
Experience Details: Minimum of 4 years of information security, vendor management, supply chain management, cybersecurity, audit, risk, finance, or related field is required; ability to consult with customers in a service advisory capacity is preferred.
Certification, Licensures & Registration Requirements
Title: CRISC, CISA, CISSP, CRVPN or related certification is preferred
State or Agency: ISACA, ISC2 or Compliance Education Institute
Equivalent combination of education, experience or training determined to be acceptable by Human Resources may be substituted, unless regulated by contract or program standards
Physical Demands
Sitting
Frequent (60-90%)
Hearing
Frequent (60-90%)
Typing/Data Entry
Constant (90-100%)
Use of Computer, Telephone or Other Devices
Constant (90-100%)
Talking
Occasional (30-60%)
Travel
Occasional (30-60%)
Other Information
Important Notice
BCBSND has a vaccination protocol in place that requires any employees who physically work in a BCBSND office or whose role requires direct customer contact to be vaccinated against COVID-19. We respect your choice to get vaccinated (or not) and getting vaccinated is not a condition of employment. If you are not vaccinated, you may work remotely if your role allows for it. If your role does not allow for remote work and you are unable to get the COVID-19 vaccine, there is an exception process available that includes a weekly testing regimen.
Job Posting Policy
Employees new to Blue Cross Blue Shield of North Dakota are eligible to apply for positions within their assigned department after successfully completing 90-days in their role. For positions outside of their department, new employees should attain a minimum of six months of service before applying for a new role. Exceptions to this are acceptable, provided there is good business justification for making the move.
Equal Opportunity Employment
Equal Opportunity Employer of Minorities, Females, Protected Veterans and Individual with Disabilities, as well as Sexual Orientation or Gender Identity.
For questions, please email careers@bcbsnd.com
This job posting will be closed 1/31/2022 at 8:00AM CST. No further applications will be considered.
The Third-Party Security Risk Analyst is responsible for effectively evaluating, assessing, and reporting on third-party risks ensuring vendors and/or potential new services are securely implemented. This role partners with business owners across the organization to identify, analyze and mitigate third-party risk and drives process and control enhancements, providing expertise and guidance in risk/controls and the development of action plans.
Essential Functions
- Conducts, tracks, and monitors third-party risk management activities such as risk assessments, due diligence, vendor action plans and ongoing monitoring. Collaborates with internal business owners to document appropriate action plans to reduce identified risks.
- Partners with internal business owners to identify, analyze and mitigate third-party security risk associated with outsourced activities and products.
- Leads third-party risk assessments for security-related processes and systems ensuring adherence to security requirements. Develops mitigation strategies designed to lower inherent and residual risk based on risks identified and business unit requirements.
- Supports business operations by partnering with the business to create best practice solutions and drives process and control enhancements, providing expertise and guidance in risk/controls and the development of corrective action plans.
- Assesses and interprets third-party documents and other pertinent source documents as necessary to support testing requirements and audit processes.
- Prepares and presents vendor management reporting focusing on service levels, risks, issues, proactively identified opportunities, and ideas for improvement.
- Maintains an awareness of existing and proposed security-standard-setting groups, state and federal legislation and regulations pertaining to information security.
- Monitors open third-party security issues and remediation actions associated with security control gaps to ensure timely closure. Work with internal and external teams to resolve escalated and complex issues.
- Supports the standardization of the Supplier Relationship Management framework. Creates and recommends standard operating procedures, policy, and tool changes to improve effectiveness of the program.
- Leads security enhancement projects focused on new or changing third-party relationships. Maintains and improve knowledge of information security technology and trends and familiarity of third-party systems and processes.
Knowledge, Skills and Abilities
Research and Data Analysis
Intermediate
Attention to Detail and Accuracy
Advanced
Collaboration
Intermediate
Communication (Verbal/Written)
Advanced
Technical/Professional Knowledge and Skills
Intermediate
Relationship Management
Intermediate
Education Requirements
Required: Bachelor's
Preferred: Bachelor's
Field(s) of Study: Business, Information Security, Information Technology, Computer Science, Finance or related field
Experience Requirements
Required: Minimum of 4 Years
Preferred: Minimum of 6 Years
Experience Details: Minimum of 4 years of information security, vendor management, supply chain management, cybersecurity, audit, risk, finance, or related field is required; ability to consult with customers in a service advisory capacity is preferred.
Certification, Licensures & Registration Requirements
Title: CRISC, CISA, CISSP, CRVPN or related certification is preferred
State or Agency: ISACA, ISC2 or Compliance Education Institute
Equivalent combination of education, experience or training determined to be acceptable by Human Resources may be substituted, unless regulated by contract or program standards
Physical Demands
Sitting
Frequent (60-90%)
Hearing
Frequent (60-90%)
Typing/Data Entry
Constant (90-100%)
Use of Computer, Telephone or Other Devices
Constant (90-100%)
Talking
Occasional (30-60%)
Travel
Occasional (30-60%)
Other Information
Important Notice
BCBSND has a vaccination protocol in place that requires any employees who physically work in a BCBSND office or whose role requires direct customer contact to be vaccinated against COVID-19. We respect your choice to get vaccinated (or not) and getting vaccinated is not a condition of employment. If you are not vaccinated, you may work remotely if your role allows for it. If your role does not allow for remote work and you are unable to get the COVID-19 vaccine, there is an exception process available that includes a weekly testing regimen.
Job Posting Policy
Employees new to Blue Cross Blue Shield of North Dakota are eligible to apply for positions within their assigned department after successfully completing 90-days in their role. For positions outside of their department, new employees should attain a minimum of six months of service before applying for a new role. Exceptions to this are acceptable, provided there is good business justification for making the move.
Equal Opportunity Employment
Equal Opportunity Employer of Minorities, Females, Protected Veterans and Individual with Disabilities, as well as Sexual Orientation or Gender Identity.
For questions, please email careers@bcbsnd.com
This job posting will be closed 1/31/2022 at 8:00AM CST. No further applications will be considered.
Company
TWO WORDS – MEMBERS FIRST.
That sums up why we’re here. And according to member satisfaction surveys, 95.6% say we’ve done a great job at maintaining that focus.
With that said, there are still mountains to move. America’s health care system needs an overhaul and Blue Cross Blue Shield of North Dakota is taking a lead role. To accomplish that, we need BOLD people who believe they can make an impact.
Are you ready to shake up an industry?
If you’re passionate about taking on our nation’s number one health care concern, there may be a place for you on one of our teams.
Company info
- Website
- https://www.bcbsnd.com/jobs/
- Location
-
4510 13th Ave. S.
Fargo
ND
58103
United States
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert