Systems Engineer, Information Security -Third Party Risk Management

AutoZoneMemphis, TN
74d
Match Resume

About The Position

This position is responsible for the development, maintenance, and execution of AutoZone's Third Party Risk Management (TPRM) program. Primary responsibilities include program management of the TPRM lifecycle, to include conducting due diligence, assessing and monitoring the security posture of third-party vendors and partners, contract risk analysis, and driving risk mitigation efforts. This also includes teaching domain expertise, providing technical guidance and mentoring, supporting internal business partners, resolving problems, and training as required.

Requirements

  • Typically four to seven years' experience in a third party risk management, vendor management, or cyber risk management role in a mid- to large-enterprise environment
  • Solid task estimation, planning and execution skills
  • Solid problem solving, domain technical and analytical skills
  • Solid skills in risk assessment methodologies and vendor evaluation techniques
  • Solid knowledge of Third Party Risk Management Program implementation and operations, including vendor onboarding, due diligence, continuous monitoring, and offboarding
  • Understanding of common security domains such as Infrastructure and Network Security, Application Security, and Data Protection
  • Knowledge of relevant industry standards and compliance frameworks (e.g., SOC 2, ISO 27001, NIST, PCI DSS)
  • Formal Risk Management experience, including risk identification, scoring, and reporting

Nice To Haves

  • Experience with OneTrust, Ariba Contract Management, BitSight Continuous Monitoring
  • Bachelor's degree in Computer Science, Information Systems, or a related field
  • Understanding of, and experience with, scripting or coding languages and generative AI to assist in process automation

Responsibilities

  • Program management of the TPRM lifecycle
  • Conducting due diligence on third-party vendors
  • Assessing and monitoring the security posture of third-party vendors and partners
  • Performing contract risk analysis
  • Driving risk mitigation efforts
  • Teaching domain expertise and providing technical guidance
  • Mentoring less senior analysts and business stakeholders
  • Supporting internal business partners and resolving problems
  • Training as required
  • Participating in all roles of the third party risk management life cycle
  • Assessing third-party security controls, services, and architecture
  • Identifying security concerns and mitigating controls
  • Documenting and managing risks to AutoZone data, systems, and processes arising from third-party relationships
  • Accurate work planning and execution; accurate project and time tracking

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Career Level

Mid Level

Industry

Motor Vehicle and Parts Dealers

Education Level

Bachelor's degree

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service