TIAA is seeking a Senior Third-Party Cyber Risk Analyst to support their Enterprise Cybersecurity program. This role will conduct third party risk assessments covering cyber security, identify information security risks, document issues, identify remediation action plans, and collaborate with internal partners and third parties to drive cyber risk from the firm.
This role will be a key member of our Governance & Risk organization within our Cybersecurity team. The ideal candidate will have Cybersecurity experience, possess an in-depth understanding of Third-Party Cyber Risk Management practices and experience performing third party risk assessments. This role requires communications skills, both oral and written, with interpersonal, team and organizational skills.
Key Responsibilities and Duties
Conduct 3rd Party Cyber Risk Assessments to ensure our vendor’s security policies and controls are aligned to TIAA standards.
Identify gaps through the assessment, recommend mitigation strategies, Document issues in the Issue Management System, and drive mitigation efforts in collaboration with the internal and external partners.
Develop and maintain effective relationships and demonstrate effective communication skills to collaborate with representatives of the Lines- of-Business, technology areas, risk partners, and vendors in performing their role.
Contribute to our efforts to transform the Third-Party Cyber Risk Management program leveraging AI and technical capabilities to reduce risk across our Third-Party ecosystem.
Apply critical thinking to situations where incomplete / imperfect information is available.
Collaborate with security teams to investigate and respond to security incidents that may impact our vendor ecosystem.
Educational Requirements
- University (Degree) Preferred
Work Experience
- 3+ Years Required; 5+ Years Preferred
Physical Requirements
- Physical Requirements: Sedentary Work
Career Level
7IC
Required Skills:
3+ years of experience working in a similar Third-Party Cyber Risk Management role.
3+ years of experience interfacing and communicating (both verbal and written) with both technical and non-technical stakeholders on articulating risks, mitigation plans, and compliance requirements.
Must have knowledge and understanding of Cybersecurity Frameworks including NIST CSF, ISO 27001/SOC2, PCI DSS and CIS Critical Security Controls.
Possess direct experience with risk assessment methodologies, risk mitigation strategies, and risk reporting.
Possess the ability to understand complex issues, analyze data, develop a remediation approach, communicate recommendations, and drive work effort to successful completion.
Understanding of AI concepts and how to apply AI to risk assessments, threat intelligence and to enhance third-party risk management processes.
Preferred Skills:
5+ years of experience working in a similar role.
Possess technical background and knowledge to help identify tools and technologies that can support our Third-Party Risk Management program.
Experience collaborating with Agile teams leveraging industry standard tools and processes.
Possess Cyber Security certifications.
Anticipated Posting End Date:
2025-06-11Base Pay Range: $79,900/yr - $121,400/yrActual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location. In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary incentive programs, non-annual sales incentive plans, or other non-annual incentive plans).
_____________________________________________________________________________________________________
Company Overview
Every worker deserves a secure retirement. For more than 100 years, TIAA has delivered it for millions of people. Founded to help educators retire with dignity, today weʼre a market-leading retirement company fueled by world-class asset management. But weʼre not just another legacy financial services firm. Weʼre fighting harder than ever before for our clients and the many Americans who need us.
Benefits and Total Rewards
The organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates. That’s why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones. Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being. To learn more about your benefits, please review our Benefits Summary.
Equal Opportunity
We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.
Read more about your rights and view government notices here.
Accessibility Support
TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.
If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:
Phone: (800) 842-2755
Email: [email protected]
Privacy Notices
For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here.
For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here.
For Applicants of TIAA Global Capabilities, click here.
For Applicants of Nuveen residing in Europe and APAC, please click here.
TIAA Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about TIAA and has not been reviewed or approved by TIAA.
-
Retirement Support — Employer-funded retirement plans, a pension, and matching contributions are emphasized as signature strengths that materially bolster long-term savings. Complimentary advisory resources and a retiree healthcare savings program further reinforce retirement preparedness.
-
Parental & Family Support — Generous paid parental leave and caregiver leave are paired with adoption/surrogacy assistance and back-up child/elder care. Additional supports such as Milk Stork and tutoring resources signal a family-friendly design.
-
Healthcare Strength — Multiple medical plan options, strong dental and vision coverage, and automatic life and disability insurance are offered. Wellness resources, mental health support, and tax-advantaged accounts enhance overall health security.
TIAA Insights
Similar Jobs
What We Do
Every worker deserves a secure retirement. For more than 100 years, weʼve delivered it for millions of people—and weʼre not done yet. Founded to help educators retire with dignity, today weʼre a market-leading retirement company fueled by world-class asset management. But weʼre not just another legacy financial services firm. Weʼre fighting harder than ever before for our clients and the many Americans who need us. And weʼre hiring. When you work at TIAA, youʼre making a difference in the lives of our clients. Weʼre always on the lookout for great people to become part of our coalition of champions and are committed to providing equal opportunity across all employment practices as we believe our employees have a right to a diverse and inclusive workplace. Join our team today in the fight to help more people to and through retirement.
Why Work With Us
TIAA provides financial security for millions and offers our employees opportunities to grow in a culture that embraces diversity, innovation, and high performance.
