Business Information Security Officer

Job Summary

A company is looking for a Business Information Security Officer specializing in Third Party Risk Management.

Key Responsibilities:

• Oversee the organization's Third-Party Risk Management (TPRM) program including policies, standards, procedures, and governance
• Lead comprehensive security assessments of potential and existing third-party vendors, evaluating their security posture and compliance
• Partner with business stakeholders to integrate security requirements into vendor selection and ongoing vendor management processes

Required Qualifications:

• 10+ years of progressive experience in information security roles, with at least 5 years focused on third-party risk management
• Demonstrated experience developing and implementing third-party assessment methodologies and frameworks
• Strong background in technical security domains including network security, application security, cloud security, and data protection
• Extensive knowledge of information security frameworks and regulatory requirements
• Current professional certifications such as CISSP, CISM, or CRISC