At Mr. Cooper Group, You Make the Dream Possible.
Our purpose is simple: Keeping the dream of homeownership alive. As a Mr. Cooper Group team member, you play a big role in making that dream possible. Around here, we know our roles and work together, volunteer to make a difference, and challenge the status quo when needed. Everything we do is in the care and service of our teammates and our customers.
Join us and make the dream of home ownership possible!
We're seeking a Third-Party Security Risk Analyst to be a part of our Information Security organization. This position offers a chance to directly shape and enhance our third-party security risk management program. The Analyst will play a pivotal role in in assessing and managing security risks associated with our third-party relationships.
Responsibilities:
-
Conducting comprehensive security risk assessments of third-party vendors, evaluating their security controls, policies, standards, and infrastructure.
-
Identifying potential risks and vulnerabilities with third-party vendors throughout the third-party vendor lifecycle.
-
Thoroughly reviewing third-party contracts and agreements to represent our risk interests.
-
Collaborating with cross-functional teams and lines of business to ensure third-party vendor risks are identified and addressed.
-
Review and monitor third-party security risks, threat alerts and respond to third-party incidents.
-
Develop and maintain comprehensive third-party risk management procedures, trackers, and documentation, aligned with industry best practices.
-
Recommend and implement process improvements related to the overall program and daily work to improve efficiency and results.
-
Attend third-party onsite visit assessments (physical and remote) and perform security assessments (willingness to travel to vendors up to 10% of the time).
-
Provide reports and metrics for third-party assessments to senior management and stakeholders.
Qualifications:
-
Bachelor's degree in Computer Science, Information Technology, or a related field or equivalent work experience.
-
At least 3 years of experience in Information Security managing third-party vendors.
-
At least 3 years of experience conducting risk assessments.
-
At least 2 years of experience communicating and presenting to senior-level management.
-
Understanding of relevant security standards, frameworks and regulations (e.g., NIST, GDPR)
-
Experience with third-party vendor security assessment methodologies and security monitoring tools.
-
Ability to articulate identified risks to management and key stakeholders in a clear, actionable manner.
-
Must have excellent written and verbal communication. Must be analytical, possess critical thinking and interpersonal skills.
-
Ability to work independently and as part of a team.
-
Requires minimal direction in managing the program.
Mr. Cooper Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or status as a protected veteran. EOE/M/F/D/V
Job Requisition ID:
022105
Job Category:
Information Technology
Primary Location City:
Dallas
Primary Location Region:
Texas
Primary Location Postal Code:
75019
Primary Location Country:
United States of America
Additional Posting Location(s):