Offers “General Electric”

Expires soon General Electric

Third Party Risk Management Analyst

  • Internship
  • Boston (Middlesex)
  • Personal services

Job description



3518541
Additional Cities

Boston
Career Level

Experienced
Relocation Assistance

No
Business

GE Aviation
Business Segment

Aviation Avionics & Digital Systems
Function

Digital Technology
Country/Territory

United States
Additional States/Provinces

Massachusetts
Postal Code

02210
Role Summary/Purpose

The Need:   A Third Party Risk Management Analyst with at least 3 years’ experience 

The Opportunity:   To contribute directly to the success of innovative cloud based unmanned aerial and autonomous flight operations ecosystem.

Essential Responsibilities

This position is responsible for facilitating Third-Party Risk Management activities including outbound risk assessments, due diligence and ongoing monitoring of third parties.
This position will also evaluate and document internal controls, assisting with internal security reviews, and working with internal teams to address compliance and audit issues surrounding supply chain management. 

Your job will focus on developing supply chain management policies and technical requirements based on industry standards and regulatory requirements. You will lead the analysis of questionnaires pertaining to third party profiles and review evidence of controls and programs.
Essential Responsibilities:
Your job will be to work with operations and engineering team to understand product requirements and come up with third party vendor security requirements based on regulatory requirements and industry best practices. You will be responsible for conducting third party security reviews, identifying security issues and developing security policies, procedures, and standards for AiRXOS’s supply chain management program. You will also provide insight on the adequacy and effectiveness of third party's controls and overall security posture. 

Some tasks you will be working on are:

·  Inventory and maintain all third-party vendor/services and how the vendors integrate, process and store AiRXOS data
·  Facilitate and complete inbound customer security questionnaires pertaining to AiRXOS's security program. 
·  Ensure that appropriate Service-Level Agreements (SLAs) and underpinning contracts have been defined that clearly set out for the customer a description of the service and the measures for monitoring the service. 
·  Collaborate with Sales and Marketing teams to generate content creation for customers including security whitepapers, product whitepapers and supporting teams on customer inquiry calls. You will also collaborate with stakeholder to identify appropriate criticality of third parties.
·  Consults with customers to evaluate functional requirements and translate functional requirements into technical solutions. 
·  Contribute to third party risk & oversight program execution and adherence, including process enhancements and remediation efforts.

Qualifications/Requirements

·  Bachelor’s Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math) strongly preferred; other bachelor's degrees considered with demonstrated related experience
·  At least 3 years of experience with security/privacy
·  Knowledge in Information Security industry best practices. 
·  Knowledge of security standards including NIST Risk Management Framework. 
·  Experience with participating in compliance audits in a lead or supporting role.
• Experience in preparing compliance audit workpapers such as artifact request lists, standard test cases and test plans.
·  Experience with managing and supporting an Enterprise Risk Management (ERM) Lifecycle. 
·  Experience with managing third-party risk.
·  In-depth understanding of the security considerations/implications of AWS platform
·  Must be willing to travel 10%
·  Must
be willing to work out of an office located in Boston, MA
Desired Characteristics

·  Ability to create and analyze metrics to identify trends, gaps and issues 
·  Ability to work independently and in a collaborative team environment
·  Possess an industry certification such as CISSP, CISM, CISA, etc.
·  Experience with using and implementing GRC tools 
·  Understanding of software engineering standards and practices

About Us

AiRXOS is building new technologies and delivering a new architecture and ecosystem for the next generation of unmanned aviation. We are passionate about enabling safe, secure and economical UAV/Drone operations at global scale. We are accomplishing this with a great collaborative team of driven engineers and technologists with expertise in Distributed & Real-Time Software, Web Services, Cloud Computing, Machine Learning Algorithms, Autonomous Systems & Robotics, Cyber Security, Air Traffic Management, Computer Visualization, and Mobile Applications. Together we are delivering capabilities that will enable a new era in aviation and autonomous systems applications. We would love for you to join us!!
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law.
Additional Eligibility Qualifications

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Primary Country

United States
Primary State/Province

Massachusetts
Primary City

Boston

Make every future a success.
  • Job directory
  • Business directory