Analyst, Vendor Risk Management
United States - Remote
BlueVoyant
Analyst, Vendor Risk Management
The Analyst, Vendor Risk Management will work with clients to identify client supply chain risk and cybersecurity challenges, advise on best practices in vendor risk management, and ensure successful delivery of BlueVoyant solutions to solve customer problems. The incumbent will consult directly with clients to establish and improve the management of vendor risks, implement third-party cybersecurity risk management programs and support the day-to-day review of and interaction with third party vendors.
Key Responsibilities
At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!
Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.
Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.
All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.
- Location: Hybrid In Washington, DC Metro Area
- United States Citizenship Required
The Analyst, Vendor Risk Management will work with clients to identify client supply chain risk and cybersecurity challenges, advise on best practices in vendor risk management, and ensure successful delivery of BlueVoyant solutions to solve customer problems. The incumbent will consult directly with clients to establish and improve the management of vendor risks, implement third-party cybersecurity risk management programs and support the day-to-day review of and interaction with third party vendors.
Key Responsibilities
- Participate in third-party risk management consulting engagements as part of BlueVoyant’s Supply Chain Defense business
- Support Third Party Risk Workshops at BlueVoyant Clients focused on the following topics:
- Vendor Identification and Stratification
- Vendor On-boarding, Monitoring and Remediation
- Cybersecurity Risk Questionnaire Development
- Project and program delivery, including project and process management, reporting, engagement in senior leadership meetings, drafting and reviewing materials for senior management and other governance activities
- Communicate findings and recommendations to client stakeholders, best practices, tools and technology
- Mature standard operating procedures for customers to optimize utilization of BlueVoyant’s offerings
- Enable business development in renewal, cross-sell, and up-sell opportunities of BlueVoyant offerings while maintaining client trust
- Create repeatable processes and frameworks portable across clients and industries to accelerate future Third-Party Risk Cybersecurity Risk Management implementations
- Work 1-2 Days per week from Washington, DC area office
- Travel to clients as requested
- CISSP or similar preferred.
- Familiarity with encryption fundamentals and network design required.
- 2+ years of Third-Party Risk Management consulting (including vendor cybersecurity risk) at a Big 4 consulting firm or vendor risk management company
- 3+ years leading an enterprise risk management program, including Third-Party Risk, Internal Risk Maturity and Assessment, Risk Consolidation, and Risk Reporting
- Information security/cybersecurity accreditation and background
- Experience working in a cybersecurity or technology organization
- Entrepreneurial nature and drive for results
- Clear communication and writing skills
- Ability to conduct deep client discovery to uncover root cause problems and build trusted relationships
- Ability to design programs and solutions with minimal guidance and oversight
At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!
Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.
Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.
All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.
BlueVoyant Candidate Privacy Notice
To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
17
1
0
Categories:
Analyst Jobs
Compliance Jobs
Tags: Analytics CISSP Encryption Governance Monitoring Privacy Risk management
Perks/benefits: Career development
Regions:
Remote/Anywhere
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Penetration Tester jobsInformation Security Specialist jobsInformation Security Officer jobsInformation Systems Security Officer jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsPrincipal Security Engineer jobsSenior Penetration Tester jobsIT Security Engineer jobsChief Information Security Officer jobsCloud Security Architect jobsCyber Security Specialist jobsSenior Information Security Analyst jobsSecurity Specialist jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsCybersecurity Consultant jobsCyber Security Architect jobsThreat Intelligence Analyst jobsSecurity Operations Analyst jobsIT Security Analyst jobsSenior Product Security Engineer jobs
RMF jobsSaaS jobsSDLC jobsEncryption jobsMalware jobsEDR jobsIDS jobsIPS jobsGDPR jobsSplunk jobsSQL jobsForensics jobsDoDD 8570 jobsBash jobsTop Secret jobsITIL jobsFinance jobsOWASP jobsIntrusion detection jobsUNIX jobsTerraform jobsCompTIA jobsCRISC jobsDocker jobsTCP/IP jobs
Polygraph jobsSANS jobsActive Directory jobsGIAC jobsThreat detection jobsData Analytics jobsClearance Required jobsBanking jobsCCSP jobsVPN jobsAnsible jobsSOAR jobsOSCP jobsGCIH jobsDNS jobsJavaScript jobsJira jobsArtificial Intelligence jobsSOX jobsSOC 2 jobsIT infrastructure jobsHIPAA jobsSecurity strategy jobsMITRE ATT&CK jobsOracle jobs