Information Security Risk Analyst/3rd Party Risk

Careers at Bloomberg

New York

Posted Oct 10, 2016 - Requisition No. 54912

Our Team:

We protect Bloomberg's data.

Our Vendor Information Risk Management team is dedicated to ensuring the security and integrity of Bloomberg vendors that have access to our data. Our clients and colleagues trust us to ensure our data is secure and all risks, vulnerabilities and defects are handled, tracked and remediated according to policy.

What we're looking for:

We need an expert in risk management concepts and processes. A background in security architecture or external/internal audit will also be critical to your success. You should be organized, detail-oriented and have the ability to understand the big picture. Our open spaces and lack of offices or cubicles mean you'll be surrounded by a great team, but you'll need to be comfortable working independently. Building and maintaining relationships at all levels should be second nature to you and managing client/partner expectations- even negotiating as needed -shouldn't scare you.

We'll Trust you to:

  • Execute the vendor assessment program and serve as a contact to participants across the enterprise that put vendors through the program
  • Review vendor due diligence materials (e.g. questionnaires, security documentation, SSAE 16 reports), identify potential issues and follow up for unresolved issues
  • Interpret, Identify, and prioritize security risks based on impact and likelihood
  • Work directly with key business leaders to facilitate information risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regards to information risk management.

You need to have:

  • Bachelor's degree in Information Technology, Information Security, Business or Risk Management (or equivalent experience)
  • 5+ years related work experience required
  • Working Knowledge of Information Security and infosec frameworks (NIST CSF, 800-53, etc)
  • Experience with and knowledge in firewall, system, and network architectures and security best practices
Similar jobs