TPRM Security Consultant

• Senior leadership roles in financial services (preferably GSIB's).
• Strong experience in TPRM (across lines of defense at program/framework level).
• Strong Risk Management & Governance experience across TPRM lifecycle stages.
• Expertise & Knowledge of third-party risk assessments & best practices.
• Knowledge of Broader Operational Resilience / Tech Resilience Framework / Programs.
• Expertise in cyber security including standards such as ISO27001, PCI-DSS, ISO 22301 etc.
• Experienced in review of SSAE18, SOC 2, HITRUST, SIG and CAIQ reports.
• Understanding of application and network security and should understand penetration testing and scan reports.
• Knowledge of key TPRM regulations such as OSFI - B10, FCA FG 16/5, PRA SS2/21, FFIEC, EBA Guidelines etc.
• Strong audit / control testing skills are desirable.
• Certifications such as CTPRP, CTPRA, CRVPM, CRISC, CISA, CISSP.

Responsibilities:

• Work closely with c-suite / senior leaders to drive TPRM program deliverables, working across multiple teams, geographies.
• Develop and manage a comprehensive third-party risk management frameworks & program deliverable(s).
• Support third party due diligence initiatives including initial risk assessments and ongoing monitoring.
• Lead wider program risk & governance initiatives and facilitate remediation recommendations e.g. related risks, deficiencies, gaps or issues, advice with identifying compensating controls alternative (where compliance requirements cannot be met).
• Document and present overall residual risk to senior leaders (e.g., for approvals and risk acceptances).
• Test design and operating effectiveness of TPRM controls - identify gaps and provide recommendations for improvements.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.