IT - Third Party Risk Manager I (Remote)
About The Position
The Cincinnati Insurance Companies are seeking an extraordinary person to join their talented team as a Third Party Risk Manager I. This role is part of the Vendor Management Office department within IT. The company emphasizes putting people first, ethical operations, and providing excellent service to independent agents. They are looking for individuals who are ready to build productive relationships, collaborate within a diverse team, embrace challenges, and develop their skills. This position offers career opportunities for contribution and growth. A mandatory requirement for all IT associates is to have cameras turned on for all interactions to ensure active engagement and effective communication.
Requirements
- Demonstrate an understanding of fundamental aspects of information security (i.e. data classification, inventories, technical/ procedural/ physical control categories).
- Demonstrate an understanding of information security standards and regulations (e.g., ISO 27001/27002, NIST, FFIEC, etc.), and commonly used concepts, practices and procedures within the information security and privacy fields.
- Demonstrate an understanding of the fundamentals of vendor relationship management (i.e. stakeholder management, communication, problem solving and organizational skills, relationship building).
- A bachelor’s degree or technical institute training or any combination of education and experience that would provide an equivalent background.
Responsibilities
- Conduct information security risk assessments of vendors and vendor software, based on company standards and risk appetite, leveraging demonstrated working knowledge of industry security practices.
- Make information security risk recommendations on behalf of the company, within limits approved by management.
- Review project documentation, system design documents, vendor security policies and other vendor security references (i.e. SOC II type 2, SIG, AUP, PCI ROC, TPRM monitoring reports, etc.) to determine the extent, type, and scope of risks of the vendor relationship.
- Provide security-related recommendations and communicate the need for the changes to business, IT and other stakeholders.
- Coordinate with IT architects, project teams and vendors to bring system designs into alignment with company security standards.
- Follow procedures to establish company records for the risk management process.
- Modify vendor risk procedures and other tools to support continuous improvement of the vendor risk management program.
- Support IT management relative to vendor product ownership responsibility, product license needs, license and support renewal process.
- Follow vendor governance policies and procedures that drive the behaviors of those individuals/organizations.
- Inform IT and business unit stakeholders on vendor management practices.
- Work with business partners and other IT service areas in the requirement gathering process.
- Manage vendor relationships including negotiation, license/cost analysis, audit support and coordination, product renewals, and performance monitoring.
Benefits
- Variety of benefits and amenities packages.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
