Informacje o stanowisku

As a Third Party Risk Manager, you will be responsible for identifying, assessing, and managing cybersecurity risks. The project involves conducting cybersecurity risk assessments for solutions proposed by business or IT teams, including applications, web services (both SaaS and custom), eCommerce platforms and third-party vendors.

Your tasks

• Conduct risk assessments for applications, services, websites, and third-party vendors in accordance with standards and procedures
• Utilize existing tools to assess the security posture of applications, including code scanners, penetration testing, code and configuration reviews, threat modeling, usability studies, and certification reviews
• Identify, quantify, and document security risks
• Collaborate with requestors to validate identified risks and establish an agreed approach to address them
• Provide risk assessment reports to the lead manager for review and approval
• Follow up on conditional approvals with requestors to ensure all specified conditions are met

Requirements:

• Minimum 2 years of professional experience in information security, with a track record of expanding responsibilities
• Proven ability to manage and communicate effectively with business partners at various levels
• Experience in threat modeling for diverse tools and services
• Strong understanding of security concepts, including application and vendor security controls, as well as common threats and vulnerabilities
• Skilled in interpreting and translating penetration test results, code scans, and infrastructure/application vulnerabilities into actionable mitigations
• Familiarity with organization-wide security certifications
• Fluent in English

Białystok - Oferty pracy w okolicznych lokalizacjach