Third-party cyber security analyst

Join to apply for the Third-party cyber security analyst role at SLB

The 3rd Party Cyber Risk Analyst works closely with the 3rd Party Cyber Security Manager, is responsible for implementing the Supplier cyber risk assessment and cyber risk finding workflows, and actively advising Supply Chain (P&SC) and Business owner on Supplier cyber security vulnerabilities and issues.

This position requires a self-driven individual, with sound knowledge of business processes, a thorough knowledge of security technologies or supplier management and good communication skills.

The 3rd Party Cyber Risk Coordinator will need to work with the P&SC Organization along with the Cyber and IT organization in an effort to evaluate our Suppliers and manage the potential risk to SLB through the supplier cyber risk assessment program.

Key Responsibilities

• Follow and enforce processes to ensure compliance with the supplier cyber risk program
• Funnel high and medium inherent cyber risk rated suppliers into cyber risk assessment workflow
• Manage Suppliers cyber risk assessments workflow
• Provide supplier cyber security vulnerability awareness to Supply Chain and Business owner
• Assist on Suppliers related Cyber security incidents investigations
• Help enforce regulatory requirements, e.g., GDPR

Qualifications

Education: A Bachelor of Science degree from an accredited university in the area of engineering, computer science or computer information systems is strongly preferred; equivalent work experience may be considered.

Experience: Minimum of five years of experience within one or more of the following areas of integrating security into the business, security risk management, information processes, product security, business architecture positions, supplier management.

Additional: Applicant must have a valid work permit.

Professional supplier Management or Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials would be a strong plus

General Requirements

• Experience working with Suppliers or Analyzing 3rd party Risk
• Experience in preparing management summary presentations
• Must be a critical thinker, with strong problem-solving skills.
  
  
• Strong Analytical skills
• Ability to work at level from initial concept to operational implementation.
  
  
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security related concepts to technical and nontechnical audiences.
  
  
• Ability to discuss technical matters with 3rd parties, and be able to influence them so that they improve their Cyber Security posture
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and ones from NIST would be a plus
• Familiarity and adherence to change management policies and procedures.
  
  
• Self-driven & Creative thinker
• High standards, strong attention to detail.
  
  
• Ability to work in a fast-paced large enterprise environment
• Willing to work flexible hours when required and appropriate
• Fluency in English
• Must have a strong, demonstrated commitment to customer service and be committed to pro-active review of processes and procedures to continually enhance service quality, service delivery and support