As one of the world’s leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world.
If you're looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day!
Job Description
Your Team
This role will support the Third Party Security Risk function and team within Global Security at Invesco. This position will serve as a security subject matter expert working with third parties, technology, and business partners in ensuring suppliers have implemented adequate security controls to protect Invesco information and technology assets. This position will closely work with Business and Security teams to deliver of high quality, value added assurance and audit reports for a portfolio of outsourced business activities, which meet the requirements of the Boards of Invesco and, their affiliates and of Invesco’s respective regulators, globally. The role will align and liaise with Procurement, Supplier Management, Legal, Compliance, and Technology Governance.
Evaluates and develops data security policies and procedures, safeguarding information and systems and identifying new areas of risk. Prevents, monitors and responding to breaches and cyber-attacks through continuous development of the firm's technical security capabilities.
Your Role
This role will support the Third Party Security Risk function and team within Global Security at Invesco. This position will serve as a security subject matter expert working with third parties, technology, and business partners in ensuring suppliers have implemented adequate security controls to protect Invesco information and technology assets. This position will closely work with Business and Security teams to deliver of high quality, value added assurance and audit reports for a portfolio of outsourced business activities, which meet the requirements of the Boards of Invesco and, their affiliates and of Invesco’s respective regulators, globally. The role will align and liaise with Procurement, Supplier Management, Legal, Compliance, and Technology Governance.
Evaluates and develops data security policies and procedures, safeguarding information and systems and identifying new areas of risk. Prevents, monitors and responding to breaches and cyber-attacks through continuous development of the firm's technical security capabilities.
You Will Be Responsible For:
-
Lead third party security risk assessments and communicate third party risks to senior stakeholders
-
Provide strong security risk management expertise in the continuous improvement of the Third Party Security Risk Assessment framework, methodology, program, processes and technologies.
-
Respond appropriately and lead third party cyber risk incident, the related investigations, managing situations with discretion, sensitivity, and objectivity, and with due consideration of chain-of-custody
-
Support the risk reporting and key metric processes, and assist with coordinating and communicating results of third party risk assessments to ensure appropriate implementation of controls for accessing or handling firm information
-
Respond appropriately and lead third party cyber risk incidents, the related investigations, managing situations with discretion, sensitivity, and objectivity, and with due consideration of chain-of-custody
-
Educate business teams on third party information security risk and recommendations
-
Review security schedules as part of the contracts; Participate as a subject matter expert in contract negotiations.
-
Manage and maintain repositories, tools, and documentation for third party information risk assurance
The Experience You Bring:
-
6+ years of experience in Information Security third party / vendor risk management
-
Strong experience in conducting security risk assessment and continuous monitoring of third parties
-
Strong experience in security risk assessment methodology and program development
-
Strong experience with Third Party Security risk management tools (Process Unity preferred) to automate assessment processes and reporting
-
Strong experience in cloud security and application security
-
Strong experience with Shared Assessments Third Party Risk Management questionnaire (SIG) is preferred
-
Strong understanding of audit / risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security.
-
Comprehensive working knowledge of industry standards (NIST, COBIT, COSO, ITIL)
-
Building and managing relationships within the organization
-
Proficient in data analysis and reporting
-
High proficiency in Microsoft Office (Word, Excel, PowerPoint) required
Full Time / Part Time
Full time
Worker Type
Employee
Job Exempt (Yes / No)
YesWorkplace Model
At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office.
Our people are at the very core of our success. Invesco employees get more out of life through our comprehensive compensation and benefit offerings including:
-
Flexible paid time off
-
Hybrid work schedule
-
401(K) matching of 100% up to the first 6% with a discretionary supplemental contribution
-
Health & wellbeing benefits
-
Parental Leave benefits
-
Employee stock purchase plan
The above information on this description has been designed to indicate the general nature and level of work performed by employees within this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job. The job holder may be required to perform other duties as deemed appropriate by their manager from time to time.
Invesco's culture of inclusivity and its commitment to diversity in the workplace are demonstrated through our people practices. We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender, gender identity, sexual orientation, marital status, national origin, citizenship status, disability, age, or veteran status. Our equal opportunity employment efforts comply with all applicable U.S. state and federal laws governing non-discrimination in employment.
Top Skills
What We Do
intelliflo widens access to financial advice through leading technology which powers the financial advisory experience. We use open software architectures combined with unmatched industry experience to simplify a complex digital landscape to help our customers thrive and grow. Our solutions support over 30,000 financial professionals worldwide, representing over three million end-investors, with over $1 trillion (US) advised across our platforms.
intelliflo operates independently under its own brand as a wholly owned subsidiary of Invesco, a global leader in the asset management industry with $1.6tr AUM. Whilst intelliflo remains independent in operations to Invesco, we draw from its strengths. After bringing together Invesco’s digital advisory solutions under our global intelliflo brand in March 2021, we continue to remain dedicated to powering the entire advisory lifecycle through our range of open architecture solutions, as the global leader in financial advice technology.
Digitization is transforming wealth management. Invesco is committed to creating commercial software that allows advisors, institutions, and investors, to unlock technology-enabled possibilities. intelliflo is a key part of Invesco’s ambition to build the future of wealth management.
.jpeg){kind=icon}
 (1).png)
