Lead Analyst, Security Strategy – Assurance

🕒 vor 5 Tagen

🇺🇸 Vereinigte Staaten – Remote

⏰ Vollzeit

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

OutSystems

WebsiteLinkedInAlle Stellen

1001 - 5000 Mitarbeiter

Gegründet 2001

🏢 Unternehmen

⚡ Produktivität

☁️ SaaS

Enterprise • Productivity • SaaS

OutSystems ist ein Softwareunternehmen, das eine Low-Code-Plattform für die Anwendungsentwicklung bereitstellt. Sie ermöglicht es Organisationen, Enterprise-Grade-Anwendungen mit minimalem Programmieraufwand zu entwickeln, bereitzustellen und zu verwalten. Durch die Vereinfachung der Anwendungsentwicklung hilft OutSystems Unternehmen, ihre digitale Transformation zu beschleunigen und die Produktivität zu steigern.

Beschreibung

• Own and Mature the Third Party Risk Management Program • Define and drive OutSystems’ TPRM strategy, including risk tiering methodology, assessment frameworks, and ongoing monitoring cadences for critical and high-risk vendors. • Lead end-to-end vendor risk assessments and architect scalable processes that can grow with the business. • Proactively identify gaps between current TPRM practices and industry standards, and build solutions to close them. • Partner with Digital, Procurement, Legal, and Engineering to embed risk requirements into vendor selection and contracting, influencing how partner teams operate. • Maintain the vendor risk inventory, track remediation of identified issues, and report status to leadership with clarity and consistency. • Monitor the threat and regulatory landscape for developments that affect the third-party risk surface. • Own and evolve the enterprise risk register for the Security division, ensuring risks are consistently identified, assessed, and treated across business units. • Design and facilitate risk workshops with functional and business leaders to surface emerging risks and validate control effectiveness. • Develop key risk indicators (KRIs) and produce executive-level risk reporting, including dashboards and trend analyses, that connect security posture to business outcomes. • Integrate risk management into business planning cycles and cross-functional initiatives, ensuring security considerations are embedded early. • Serve as a senior contributor to compliance programs supporting certifications such as SOC 2, ISO 27001, PCI, HIPAA, and regional regulatory frameworks, elevating the work beyond execution to program ownership and continuous improvement.

🎯 Anforderungen

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience. • 7–10 years of experience in information security, risk management, or compliance, with at least 3–4 years focused on third-party or vendor risk. • Demonstrated experience owning and maturing a TPRM program, including framework design, risk tiering, and remediation management. • Strong working knowledge of enterprise risk management frameworks (e.g., NIST RMF, ISO 31000, COSO) and security control frameworks (ISO 27001, SOC 2, NIST CSF). • Experience supporting or leading internal and external audits across certifications such as SOC 2, ISO 27001, or equivalent. • Ability to operate with significant autonomy, define scope on complex and ambiguous projects, and drive cross-functional alignment. • Excellent communication skills

🏖️ Vorteile

• Professional development opportunities • Flexible working hours • Health insurance • Remote work options