Third Party Risk Management - Senior Consultant

| Chicago, IL | Hybrid
Sorry, this job was removed at 3:26 a.m. (CST) on Monday, April 25, 2022
Find out who's hiring in Chicago, IL.
See all Operations jobs in Chicago, IL
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Job Summary
The Third Party Risk Management program at CNA coordinates and performs risk management assessments across cybersecurity business continuity compliance and general operational risk controls throughout the lifecycle of the Third Party relationship. There are two open positions available, which are responsible for executing Third Party Risk assessments to include Due Diligence Questionnaire reviews as well as control validations conducted remotely or onsite. As a senior resource in the Third Party Risk Management team this position is expected to complete more complex assessments and handle escalations requiring sensitivity and nuance.
Performs a combination of duties in accordance with departmental guidelines:

  • Perform Third Party Risk assessments by evaluating Third Party questionnaire responses performing control review/validation and assessment documentation per established procedures and standards.
  • In the course of executing assessments actively project manages all assessment deadlines by coordinating execution with both the external Third Party and internal business partners to include active status monitoring and follow up with stakeholders.
  • Support Third Party onboarding ongoing monitoring and Third Party off-boarding answering any internal stakeholder questions related to ongoing assessments.
  • Provide support to Third Parties completing Due Diligence Questionnaires by clarifying intent behind questions and expected supporting evidence.
  • Perform periodic quality assurance and review of Third Party Risk assessments performed by other team members to ensure that all assessments meet established standards and expectations.
  • Take the lead on any escalated or sensitive Third Party Risk assessments. Directly engage business leadership as needed to support escalated assessments.
  • Actively solicit business partner engagement and buy-in by educating internal stakeholders on Third Party Risk management processes and benefits of the program.
  • Provide guidance and training to other Third Party Risk Management assessors as required in the course of Third Party Risk Assessment execution.
  • Execute program analytics to include but not limited to process adherence reporting program Key Performance Indicators Third Party Risk Key Risk Indicators and escalation reporting and management.
  • Directly assist the AVP of Third Party Assurance in managing and implementing all identified program process and technology configuration process improvements in the Third Party Risk Management program roadmap.


Reporting Relationship
Director or above
Skills Knowledge & Abilities

  • Thorough knowledge of industry security standards to include but not limited to NIST ISO and COBIT.
  • Domain expertise in information security and business resiliency to include infrastructure security access management cloud security and physical and environmental security controls.
  • Ability to manage remote teams train and coach assessors on internal processes.
  • Experience in program reporting metrics and analytics.
  • Ability to work with both technical and non-technical internal business stakeholders.
  • Effective verbal and written communication skills.
  • Strong interpersonal skills with the ability to work with staff at all levels.
  • Detail oriented with strong organizational skills and ability to manage multiple projects effectively.
  • Proven thought leadership and ability to provide informal guidance to more junior team members.
  • Strong knowledge of Microsoft Office Suite and other business-related software systems including processing systems and applications.


Education & Experience

  • Bachelor's degree or equivalent
  • Typically 5 – 7 years of experience in Supplier Risk or Third-Party Risk assessment
  • CISSP CRISC or CISA highly preferred


#remote
#LI-ES2

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • JavaLanguages
    • JavascriptLanguages
    • KotlinLanguages
    • PerlLanguages
    • PythonLanguages
    • RLanguages
    • SqlLanguages
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • Node.jsFrameworks
    • SpringFrameworks
    • AccessDatabases
    • DB2Databases
    • Microsoft SQL ServerDatabases
    • MySQLDatabases
    • OracleDatabases
    • PostgreSQLDatabases
    • Google AnalyticsAnalytics
    • ConfluenceManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • SalesforceCRM
    • SendGridEmail
    • MarketoLead Gen

An Insider's view of CNA

How would you describe the company’s work-life balance?

Work-life balance has always been a priority for me. It always will be. CNA’s hybrid working model allows me to not only maximize collaboration with my peers but also take advantage of increased flexibility by combining remote and in-office work. I’m empowered to take control of my schedule based on what works best for me and my team.

Alison Massey

Agile Scrum Master Consultant

How do you collaborate with other teams in the company?

On the Security Advisory team, collaboration is key to what we do. We sit at a unique intersection of security goals and business objectives. By working across nearly every IT team at CNA, we balance the need for maintaining secure initiatives and keeping projects on track. It’s our job to find the best, secure path to ‘Yes’ for business requests.

Zach Jones

Director, Security Advisory

How has your career grown since starting at the company?

I joined CNA as a contractor and became a full-time employee after an eight-year contractor journey. I’m passionate about solving technical challenges and CNA allows me to foster that passion. Every day, I learn about emerging technologies. I’m empowered to develop, grow, and create a career that works for me and my lifestyle.

SenthilKumar Asokan

Applications Engineer Senior Specialist

How do your team's ideas influence the company's direction?

Enterprise Architecture creates foundations for IT expectations across CNA. I’m on a team that builds reusable IT assets, communicates best practices, and decides standards for tooling, and more. I influence CNA outside of my role, too, specifically through CNA’s Employee Resource Groups. I’m empowered to influence both IT and our culture of inclus

Lisa Smith

Architecture Senior Specialist

What does career growth look like on your team?

Career growth can take on many different forms at CNA, and that’s because there are always opportunities to acquire transferrable skills. On my team specifically, we’re encouraged to identify and work toward development opportunities that matter to us. We’re empowered to make a difference while advancing our careers.

Josie Lee

Director, HR Business Partner

What are CNA Perks + Benefits

CNA Benefits Overview

One of the many advantages of working at CNA is the benefits program we offer you and your eligible dependents,
beginning on the first day of your employment. The program features a variety of plans that provide health care
benefits, well-being, disability and survivor protection, and 401(k) savings, among others. Below are highlights
of the offerings.

Culture
Volunteer in local community
Partners with nonprofits
Open door policy
OKR operational model
Open office floor plan
Flexible work schedule
Remote work program
Diversity
Dedicated diversity and inclusion staff
Diversity employee resource groups
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Pet insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Charitable contribution matching
Child Care & Parental Leave Benefits
Generous parental leave
Family medical leave
Adoption Assistance
Vacation & Time Off Benefits
Generous PTO
Paid holidays
Paid sick days
Office Perks
Commuter benefits
Some meals provided
Relocation assistance
Onsite gym
Professional Development Benefits
Job training & conferences
Tuition reimbursement
Lunch and learns
Online course subscriptions available
Paid industry certifications

More Jobs at CNA

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about CNAFind similar jobs like this