Cyber Security Third Party Risk Professional

Marvell

  • Bangalore, Karnataka
  • Permanent
  • Full-time
  • 1 month ago
About Marvell

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities.

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Your Team, Your Impact

As the third-party risk professional you will be responsible for driving risk management for the supply chain (vendors and suppliers) by handling the third-party risk management and monitoring security posture by continuously assessing the effectiveness of security controls.

The ideal candidate will have a strong background in driving the end-to-end supply chain security program, and risk management experience with 10+ years of total work experience in information security, with a focus on third-party risk management.

What You Can Expect
  • Develop and implement a comprehensive Third Party Risk Management (TPRM) program to assess cybersecurity risks and lead their remediation
  • Manage and continuously improve the risk tiering methodology, risk assessment process flows, risk assessment questionnaires, and reports
  • Responsible for driving third-party risk assessment to identify, monitor, remediate, and manage third-party risks across Marvell’s third-party ecosystem.
  • Own and enforce policies and standards related to third-party risk management, ensuring compliance with relevant industry regulations and standard processes
  • Conduct pre-onboarding due diligence and timely risk-based re-assessments of third-party vendors, evaluating their security controls, policies, and procedures to identify potential vulnerabilities and areas of improvement.
  • Evaluate control effectiveness and review evidence of controls referenced in NIST CSF, ISO 27001, CSA CCM, SSAE16, SOC2
  • In-depth knowledge of controls related to data privacy, compliance, incident management, business resiliency, cloud security, and other risk domains.
  • Collaborate with incident response and crisis management teams to develop and test response plans for third-party security incidents.
  • Own the playbook and be responsible for driving the business impact and assessment in the event of a 3rd party security incident.
  • Responsible for maintaining the 3rd party risk dashboard and keeping it up to date based on events and assessment outcomes.
  • Have experience managing and running TPRM platforms and risk intelligence platforms to perform vendor security assessments
  • Collaborate with business teams, legal, compliance, and procurement teams to integrate TPRM processes into the vendor onboarding and contract negotiation processes.
  • Manage risk reduction by partnering with the Business team and third-party contacts until the remediation or risk reduction is reached.
  • Provide regular reporting and updates to executive leadership on the status of third-party risk management initiatives, including risk assessments, remediation efforts, and overall program effectiveness.
  • Stay abreast of emerging threats and industry trends, adapting the TPRM program to address new risks and challenges.
What We're Looking For
  • 10+ years of total work experience in information security, with a focus on third-party risk management.
  • Industry-recognized Risk Assessment Certifications (e.g., CISSP, CISA, CRISC, CTPRA, CTPRP, ISO 27001, etc.) strongly preferred
  • Bachelor's or master’s degree, preferably in information and/or Cybersecurity, Computer Science, or a related field.
  • Strong understanding of third-party risk management frameworks, methodologies, and regulatory requirements.
  • Owned and driven TPRM program at a large enterprise.
  • Staying updated on the latest security trends, technologies, and vulnerabilities.
  • Excel and data analytical skills would be an added advantage
  • Strong communication and interpersonal skills to collaborate with internal and external stakeholders effectively.
Additional Compensation and Benefit Elements

With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our page.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
