Cybersecurity Engineering, Staff Engineer
Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
Cybersecurity Third-Party Risk Analyst
At Black Duck Software, Inc., we are enthusiastic learners and seasoned inventors. We are makers and visionaries who make technology safer. We are innovators who develop the best solutions to keep your software safe. Whether you’re selling it directly to your customers or relying on it to run your operations, Black Duck helps you protect your bottom line by building trust in your software—at the speed your business demands. We embrace diversity as a company, so we can create solutions that serve not just technology but the humans behind it.
The Cybersecurity team is seeking a passionate, experienced, and collaborative Governance, Risk, and Compliance (GRC) practitioner to focus on our Third-Party Risk Management (TPRM) program.
Key Responsibilities
The Third-Party Risk Analyst supports Third-Party Risk Management (TPRM) activities and our overall GRC program. The Third-Party Risk Analyst is a critical position within the organization with supply chain risk management responsibilities affecting the organization globally. The Third-Party Risk Analyst enables and transforms the TPRM program, improves security compliance, tracks third-party security risks with the potential to impact business operations, and develops, collects, and reports TPRM program metrics for decision-makers.
Leverage industry frameworks and regulatory standards such as ISO 27001, ISO 27036, NIST SP 800-53, NIST SP 800-161, NIST SP 800-171, NIST CSF, and GDPR to support TPRM activities.
Work with internal stakeholders to build and enhance TPRM controls to improve our business risk posture.
Build and maintain supplier database; track vendor risk assessments and compliance status.
Engage vendors to validate compliance with contractual risk management obligations and the vendor risk management framework.
Qualifications
The Third-Party Risk Analyst possesses expert knowledge of computer, network, and information security methods and procedures to enable efficient, effective, and comprehensive TPRM-related business activities. The Third-Party Risk Analyst has experience with risk assessments, risk analysis, ratings, and mitigation controls. Strong analytical and critical-thinking abilities are a must.
Excellent oral and written communication skills are a must.
University degree or equivalent certified education and experience.
Strong interpersonal and collaboration skills.
5+ years of TPRM program implementation, processes, and practices experience.
Familiar with ISO and NIST security control frameworks.
Experience with TPRM tools, technology, and implementations.
Fluent verbal and written English.
Security credentials such as CRISC, CISSP, and related certifications preferred.
About Black Duck Software, Inc.
Black Duck helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open-source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
For more information, go to blackduck.com.
Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.