Cybersecurity and Third-Party Risk Manager

Lord AbbettJersey City, NJ

About The Position

Lord Abbett is seeking a Risk Manager to support the Firm’s Information Security Program, specifically to Third-party Risk Management (TPRM) and Cybersecurity programs. The role will be responsible for supporting the execution of the TPRM lifecycle to ensure vendor risk is managed consistently across security, operational resilience, financial and compliance dimensions as well as strengthening the Firm’s cybersecurity posture through policy and control oversight, control effectiveness validation, and collaboration of security initiatives. This role requires close coordination across Enterprise Risk Management, Technology, Operations, Compliance, and business stakeholders to maintain an integrated and enterprise-wide resilience posture. The candidate must be capable of operating independently within a Second Line of Defense model while providing structured oversight, credible challenge, and actionable reporting. Responsibilities may intersect with strategic initiatives, regulatory change, digital transformation efforts, and new product or platform implementations. Strong critical thinking, writing, presenting, and stakeholder management skills are essential. Given the dynamic nature of this role, curiosity to learn about all portions of the business and high responsiveness to internal and external events are extremely important.

Requirements

  • Bachelor’s degree in information security, Computer Science, Risk Management, or related field preferred.
  • 5+ years of experience in cybersecurity, technology risk, or risk assurance; financial services experience preferred.
  • Hands-on experience in TPRM, including vendor lifecycle management.
  • Experience assessing controls, supporting incident reviews, and providing risk oversight.
  • Familiarity with frameworks such as NIST, ISO 27001, and SOC 2.
  • Knowledge of vulnerability management, incident response, IAM, cloud security, and security monitoring tools.
  • Experience with TPRM/GRC platforms preferred.
  • Strong analytical, communication, and stakeholder management skills.
  • Ability to operate independently, manage priorities, and work across teams.

Nice To Haves

  • Relevant certifications (e.g., CISSP, CISA, GIAC, Security+, CRVPM) are a plus.

Responsibilities

  • Execute the full TPRM lifecycle: onboarding, due diligence, risk assessment, monitoring, issue remediation, and offboarding.
  • Perform vendor risk assessments across information security, operational resilience, financial, compliance, and third-party dependencies; document and risk-rate findings.
  • Maintain vendor inventory and workflows within the TPRM/GRC platform; monitor changes in vendor risk posture.
  • Manage vendor issues, including remediation tracking and incident escalation coordination.
  • Develop reporting and dashboards to communicate vendor risk exposure, trends, and remediation status.
  • Partner with Legal and business teams to align TPRM outcomes with contracting, SLAs, and governance; support training and accountability.
  • Provide independent oversight of the information security program, including policies, standards, and control ownership.
  • Review and challenge the information security strategy for alignment with risk appetite, regulatory requirements, and emerging threats.
  • Support program maturity and consistent control application; contribute to CISO and committee reporting.
  • Review cybersecurity incidents, including root cause, remediation, and improvement actions.
  • Support incident response planning and exercises.
  • Translate technical findings into clear risk insights for technical and non-technical stakeholders.
  • Assess control design and effectiveness across infrastructure, applications, cloud, and identity/access management; validate remediation.
  • Maintain the cybersecurity risk register and track remediation of high-risk issues.
  • Conduct control testing and independent assurance activities.
  • Collaborate across Technology, Legal, Compliance, and business teams to embed security practices.

Benefits

  • competitive total compensation
  • retirement plans
  • competitive health and well-being plans
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service