HP Cybersecurity Senior Third Party Risk Assessor 

Mexico, Mexico City 

687421247

Cybersecurity Senior Third Party Risk Assessor

Job Title: Senior Cybersecurity Risk Assessor

The HP Cybersecurity Risk Assessor is responsible for end-to-end cyber security risk management, including risk identification, analysis, and evaluation, identifying remediation requirements, and supporting remediation efforts. Defined risk assessment processes and risk management methodologies are utilized to meet these objectives.

What a Cybersecurity Risk Analyst/ Assessor does at HP:

• Scopes, manages and performs cyber security risk and/or compliance assessments, handles complex TPRAs
• Maintains the risk register for all assessed assets utilizing eGRC/IRM solution.
• Provides risk mitigation/remediation guidance to stakeholders.
• Supports internal and external audits as needed.
• Contributes to and/or leads the continuous improvement and maturation of GRC practices.
• Monitors industry cybersecurity threats, cybersecurity best practices, regulatory changes, corporate updates, and geo-political changes impacting HP’s security.
• Mentors and provides guidance to new team members.

Individuals who thrive in this role at HP, typically have:

• Bachelor’s degree (preferably in computer science, engineering or related area of study, or equivalent experience).
• Typically, 10+ years of relevant experience, including conducting risk and compliance assessments.
• Technical Cyber Security Certification through one of the recognized bodies preferred: SANS, ISACA, (ICS)2, CompTIA, Cisco, CERT.
• Solid working knowledge of industry frameworks and standards, including ISO27001/27002/27005, NIST CSF, NIST 800-53, SOC2, PCI-DSS, and SIG.
• Knowledge of common GRC processes, including risk management, exception to policy, policy management, controls management/mapping, and auditing.
• Results-driven, strong analytical skills, ability to connect the dots to make better decisions.
• Able to deal well with ambiguity, balancing risk with potential delays.
• Fluent in Oral and written communications.
• Able to work effectively in a team and with various stakeholders at various organizational levels.
• Excellent responsiveness, organizational, and time management skills.
• Proactive in seeking problem resolution.

Knowledge & Skills

• Cybersecurity operations
• Cybersecurity governance
• Third-Party Risk Assessments
• Knowledge of risk assessment frameworks
• Risk analysis.
• Issue tracking.
• Security controls
• Operating systems

Cross-Org Skills

• Effective Communication
• Strong relationship management skills
• Analytical Mindset
• Results Orientation
• Learning Agility
• Customer Centricity
• Multitasking
• Project/Program Management

Works on complex problems where analysis of situations or data requires an in-depth evaluation of multiple factors.

Data & Information Technology

Full time

No shift premium (Mexico)

-

Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.