Third-Party Risk Management Specialist

Job Summary

A company is looking for a Third Party Risk Specialist to join their cyber security team.

Key Responsibilities

• Review and analyze SOC-2 Type 2 reports to identify control gaps and security deficiencies
• Evaluate penetration testing reports and conduct comprehensive analysis of third-party risk questionnaires
• Translate complex technical security findings into clear business risk language for stakeholders

Required Qualifications

• Minimum of 7 years of experience in information security and risk management
• Proven experience conducting third-party security assessments and vendor risk evaluations
• Hands-on experience reviewing SOC-2 Type 2 reports and penetration testing documentation
• Extensive knowledge of information security frameworks and regulatory requirements
• Experience with security assessments in cloud environments such as AWS, Azure, and Google Cloud Platform