Cybersecurity Analyst, Third-Party Risk & Technology Governance

Your Title: Cybersecurity Analyst, Third Party Risk and Technology Governance

Job Location: Mexicali Mexico OR Mexico City, Mexico-Onsite

Our Department: Corporate Cybersecurity

Are you ready to be the defender of our extended enterprise?

We're looking for a Cybersecurity Analyst who can step into a pivotal role managing and mitigating the cybersecurity risks associated with all of our third-party relationships and vendors.

What You Will Do

We're seeking a proactive and detail-oriented specialist who's passionate about blending cyber defense with operational efficiency. This isn't just about managing risk; it's about pioneering the future of security assessments. You'll be instrumental in optimizing workflows, championing the implementation of automation, and directly helping us build the strategy for assessing vendors who leverage cutting-edge technologies like Artificial Intelligence (AI) and Machine Learning (ML). If you thrive on tackling complex challenges and want to ensure our program is scalable, efficient, and prepared for the next wave of technology, this role offers the perfect platform to make a significant, measurable impact.

• Lead comprehensive cybersecurity risk assessments for new and existing vendors, partners, and suppliers.

• Analyze and validate vendor security documentation, including SOC 2, ISO 27001 certifications, and security questionnaires (SIG/CAIQ).

• Evaluate vendor control environments, specializing in cloud infrastructure (AWS, Azure, GCP), application security (OWASP Top 10), and data protection.

• Clearly articulate and document technical risks for both technical teams and senior business stakeholders.

• Collaborate with Legal and Procurement to develop, track, and enforce vendor risk remediation plans.

• Drive efficiency and consistency by analyzing and optimizing the end-to-end Third-Party Risk Management (TPRM) lifecycle.

• Design and implement automated workflows within our Governance, Risk, and Compliance (GRC) platform.

• Define, track, and report Key Performance Indicators (KPIs) and metrics to measure TPRM program health and effectiveness.

• Maintain core program documentation, including Standard Operating Procedures (SOPs) and assessment methodologies.

• Conduct specialized AI vendor security evaluations covering critical domains such as model integrity, data privacy, and adversarial attack resistance.

• Provide guidance on the secure and responsible adoption of third-party AI technologies to internal teams.

• Stay current with evolving AI regulatory frameworks (e.g., NIST AI RMF, EU AI Act) and emerging security threats.

• Leverage AI solutions to automate dynamic risk management and continuous testing of vendor controls.

What Skills and Experiences You Should Bring

• 3 years of experience in an information security, IT audit, or technology risk management role.

• At least 2 years of direct, hands-on experience in Third-Party Risk Management (TPRM).

• Proven ability to analyze and streamline complex processes, with a track record of implementing successful improvements.

• Strong technical knowledge of core cybersecurity domains, including cloud security, network security, identity and access management (IAM), and encryption.

• Demonstrated experience interpreting security reports and assessing the effectiveness of technical controls.

• A strong interest in and foundational understanding of AI/ML technologies and their unique security challenges.

• Excellent analytical skills, with the ability to think critically and solve problems independently.

• Strong written and verbal communication skills, capable of engaging with a wide range of audiences.

• Hands-on experience with TPRM platforms.

About Your Location

Trimble Inc. has established a significant presence in Mexicali, Baja California, Mexico, by setting up a world-class software research and development center. This facility is part of Trimble's strategic expansion to accelerate the delivery of products and services worldwide.

Located in Mexicali, Trimble's R&D center focuses on developing cutting-edge technologies across various industries, including agriculture, construction, geospatial, and transportation. The center is involved in creating, maintaining, supporting, enhancing, and monitoring products and solutions for Trimble's diverse divisions.

About Trimble’s Cybersecurity, Third Party Risk and Technology Governance Team

This team is a strategic assurance partner, ensuring that all parts of the global Trimble enterprise, including its products and vendors are compliant, secure, and resilient.

How to Apply: Please submit an online application for this position by clicking on the ‘Apply Now’ button located in this posting.

Posting Date

Application Deadline: Applications could be accepted until at least 30 days from the posting date.

Join a Values-Driven Team: Belong, Grow, Innovate. 

At Trimble, our core values of Belong, Grow, and Innovate aren't just words—they're the foundation of our culture. We foster an environment where you are seen, heard, and valued (Belong); where you have an opportunity to build a career and drive our collective growth (Grow); and where your innovative ideas shape the future (Innovate). We believe in empowering local teams to create impactful strategies, ensuring our global vision resonates with every individual. Become part of a team where your contributions truly matter. 

Trimble’s Privacy Policy

If you need assistance or would like to request an accommodation in connection with the application process, please contact [email protected].