Global Third Party Risk Management (TPRM) – Continuous Monitoring Sr. Consultant
What We'll Bring
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation we’re consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.
Come be a part of our team – you’ll work with great people, pioneering products and cutting-edge technology.
What You'll Bring
• A passion for information security, rapid change, and acting as an advocate for strong risk management.
• Familiarity with leveraging continuous monitoring tools, intelligence feeds, and open source intelligence (OSINT) to analyze and monitor cyber security risk posture of third parties. Third party risk or consulting experience a plus.
• Experience collaborating with business leaders and third parties to articulate information security risks and influence risk behavior.
• Bachelor’s degree in information systems, computer science, engineering or related technical field. • Familiarity with using GRC platforms/tools such as RSA Archer.
• Experience in information security risk assessments or consulting, involving one of more areas of application security, cryptography, incident management, network security, web application security or vulnerability management
• Information Security and cloud certifications a plus (e.g. CISSP, CEH, AWS Practitioner/Security Specialty).
Impact You'll Make
• Lead third party continuous monitoring program initiatives that provides visibility of ongoing risk posture of TransUnion's third parties globally.
• Manage and maintain third party risk management portfolio in continuous monitoring tools.
• Use critical thinking skills to identify, research and evaluate risk at third parties that use a range of diverse technologies, including cloud and big data analytics tools.
• Collaborate globally with senior leaders at TransUnion and business partners to discuss third party risk and promote a risk-aware culture.
• Leverage continuous monitoring tools, intelligence feeds and open source intelligence (OSINT) to monitor cyber security risks of third parties between risk assessments.
•Provide administrative support of GRC platform/tools to help manage the third party risk management workflow process.
• Participate in investigating third party security incidents and breaches.
• Bring new ideas and lead projects that improve the continuous monitoring process of third parties.