IT Security Third Party Risk Management
Location
Noida | India
Job description
In this role, you will have the chance to be part of a passionate distributed team dedicated to fulfilling Ericsson's emerging journey building a strong, resilient, purposed and balanced IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson.
The team - IT Security Assurance
IT Security Assurance is a global unit tasked to create and maintain the central IT Security Framework, drive risk management including handling the third party risk management and monitor Ericsson's IT Security posture by continuously assessing the effectiveness of IT Security controls across all Information Technology environments within Ericsson. Our mission is to be a trusted business partner continuously supporting our business stakeholders to uphold their IT Security posture.
What you will do
- Develop and implement a comprehensive Third Party Risk Management (TPRM) program to assess and lead the cybersecurity risks associated with external representatives and partners.
- Lead a team of TPRM professionals, providing mentorship, support, and expertise in the identification and mitigation of third-party security risks.
- Establish and maintain positive relationships with key stakeholders, including vendors, business units, and executive leadership, to ensure alignment with organizational objectives and risk tolerance.
- Conduct regular risk assessments of third-party vendors, evaluating their security controls, policies, and procedures to identify potential vulnerabilities and areas of improvement.
- Collaborate with legal, compliance, and procurement teams to integrate TPRM processes into the vendor onboarding and contract negotiation processes.
- Develop and enforce policies, standards, and procedures related to third-party risk management, ensuring compliance with relevant industry regulations and standard processes.
- Stay abreast of emerging threats and industry trends, adapting the TPRM program to address new risks and challenges.
- Provide regular reporting and updates to executive leadership on the status of third-party risk management initiatives, including risk assessments, remediation efforts, and overall program effectiveness.
- Conduct training and awareness programs for internal teams to enhance their understanding of third-party cybersecurity risks and their role in handling those risks.
- Collaborate with incident response and crisis management teams to develop and test response plans for third-party security incidents.
- Evaluate and recommend security tools and technologies that enhance the efficiency and effectiveness of the TPRM program.
You will bring
An ideal candidate for the Head of IT Security Third Party Risk Management should possess a combination of education, experience, skills, and personal qualities to effectively lead and manage the responsibilities of the role:
- Bachelor's or master's degree, preferably in Information and/or Cybersecurity, Computer Science, or a related field.
- Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Third Party Risk Professional (CTPRP) would be beneficial.
- Extensive experience, typically 10-15 years, in information security, with a focus on third-party risk management. Validated experience in a leadership or managerial role supervising a team of security professionals.
- Strong understanding of third-party risk management frameworks, methodologies, and regulatory requirements.
- Ability to evaluate and quantify cybersecurity risks and communicate them to both technical and non-technical stakeholders.
- Strong communication and interpersonal skills to collaborate with internal and external stakeholders effectively.
- Ability to communicate complex security concepts to non-technical audiences and present findings to executive leadership.
- Strong leadership skills with the ability to inspire and lead a team of security professionals.
- Proven track record of creating and maintaining a positive and productive work environment.
- Strategic attitude with the ability to align the TPRM program with overall business objectives.
- Capacity to anticipate and plan for future security challenges and developments.
- Familiarity with relevant data protection laws, industry regulations, and compliance standards affecting third-party relationships.
- Willingness to stay updated on the latest security trends, technologies, and vulnerabilities.
- Adherence to high ethical standards and a commitment to maintaining the confidentiality and integrity of sensitive information.