Job Summary:
We value the diversity in thought and experience of our coworkers and customers. Through honest, forthcoming, and respectful communications we work to ensure that Fluence is an inclusive and welcoming environment for all.
The Senior Third Party Security Risk Analyst will be responsible for managing and mitigating security risks associated with third-party vendors. This role involves conducting thorough risk assessments, ensuring compliance with security standards, and collaborating with various departments such as Global Procurement, Legal, Internal Audit to enhance our third-party risk management framework.
Key Responsibilities:
- Conduct comprehensive security risk assessments for third-party vendors (Direct, Indirect, Logistics and other types of suppliers/vendors.
- Develop and implement third-party risk management policies and procedures.
- Monitor and report on third-party compliance with security requirements.
- Collaborate with internal teams to address and mitigate identified risks.
- Review and negotiate security-related clauses in vendor contracts.
- Prepare and present reports to senior management on third-party risk activities and findings.
- Stay updated on industry trends and regulatory changes affecting third-party risk.
- Develop automation and dashboard to report on third-party risk activities and identified risks.
Qualifications:
- Bachelor’s degree in Information Security, Risk Management, or a related field.
- Minimum of 5 years of experience in security risk management, with a focus on third-party risk.
- Strong understanding of regulatory requirements and industry standards (e.g., NIST, ISO 27001, IEC 62443 is plus
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Relevant certifications such as CRISC, CISSP, or CISM are preferred.
- Familiar with Third Party Risk Management tools such as UpGuard, Service Now, Aravo, Archer
