Third Party Cyber Security Risk Analyst

Description

The Cybersecurity Sr. Analyst is a member of the team that evaluates and monitors third party risks. The selected candidate will develop a deep understanding of the client's vendor relationships (including completing reviews of material vendor relationships/programs consistent with policy), as well as participate in monitoring, evaluating, and reporting on other risk areas that could potentially impact the client.

Core Job Responsibilities

• Manage vendor risks as defined by the Technology Vendor Risk Management process and procedures

• Perform daily tasks using operational GRC toolsets (Governance Risk and Compliance)

• Audit the initial approval of new vendor relationships to ensure vendor approval policies are being followed and to identify specific risks that should be monitored.

• Act as a resource to Business Division Leaders and Senior Leadership to assist in the monitoring and analysis of identified risks and performance metrics.

• Analysis of operating statistics and portfolio quality/performance of vendor relationships making recommendations to mitigate risks.

• Regular monitoring of vendor performance to ensure compliance with vendor agreements and commitments.

• Perform periodic reviews of Third Party vendors to confirm risk rating

• Support the advancement of cyber threat and vulnerability management program to ensure consistent identification, analysis, response, and monitoring of cyber security threats, events, and vulnerabilities.

• Guide business units, application development teams, and third-party vendors to achieve program requirements while enabling the business.

• Apply technical knowledge of Quality System Controls to reviews vendors ability to perform, quality audits, review quality events, document control and training management.

• Participate in cross-team coordination to achieve defined security goals as well as meet technical requirements in support of detailed implementation plans for security projects.

• Support management in the development of strategies, policy and standards to protect information and technology assets.

Position Accountability / Scope

• Reports to the Sr. Manager Vendor Risk Management of the Enterprise and Product Security division. The scope of this position is client wide and considers the information security implications unique to all client divisions when implementing governance and risk management strategies.

Minimum Education/Experience

• Bachelor's degree in Information Security, Computer Science, or related field; or equivalent experience

• 5+ years of experience in relevant field

• Other Requirements: Candidate must possess strong analytical skills, an ability to work independently, inquisitiveness about different aspects of client businesses, desire to help others, and interpersonal skills that allow the candidate to work collaboratively with both internal and external customers.

Skills

Risk assessment, Third party risk, Vendor Risk, ServiceNow GRC, GRC, cybersecurity, Audit, Risk management, Risk analysis, Information security

Top Skills Details

Risk assessment,Third party risk,Vendor Risk,ServiceNow GRC,GRC,cybersecurity

Additional Skills & Qualifications

Preferred Experience

• Demonstrated experience with ServiceNow Engage and/or other vendor management software for tracking and managing the vendor management lifecycle.

• Understanding of procurement & risk processes is an added advantage

• Ability to multitask and to complete difficult assignments within tight deadlines

• Skilled at managing issues through to resolution

• Knowledge of information security and risk control

• Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of information security areas/domains

• Collaborate across multi-departments to promote industry best practices and strategic organizational security efforts the development of our IT security policies

• Possess expertise in valuing and implementing industry standards such as the ISO 27001/2, SOC 2, HITRUST and FedRAMP Information Security standard and the ISO 22301 Business Continuity Standard.

• Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance)

• Possess CISSP/CISM certification (or similar) and be knowledge of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.

• Lead Auditor Training for ISO 13485, or ISO 9001 (ASQ), or relevant experience, for Quality Systems/GxP-impacting assessments and audits

Experience Level

Intermediate Level

This is a Contract position based out of Abbott Park, IL.

The pay range for this position is $45.00 - $45.00/hr.

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)

This is a fully onsite position in Abbott Park,IL.

This position is anticipated to close on Jun 16, 2026.

About TEKsystems

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

About TEKsystems and TEKsystems Global Services

We’re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We’re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, for all positions located in the city and county of San Francisco, we will consider for employment qualified applicants with arrest and conviction records.

Massachusetts Lie Detector: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Use of Artificial Intelligence (AI): We may use Artificial Intelligence (AI) to support parts of our hiring process, including sourcing, screening, and evaluating candidates. AI helps assess applications and qualifications, but final decisions are made by our hiring team. By applying, you acknowledge and agree that your application may be reviewed using AI tools.