Job #: 1500
Title: Third Party Risk Analyst
The Third Party Risk Analyst position’s primary responsibilities are to conduct third party information security assessments. Additional responsibilities may include leading process improvement activities, participating in information security assessment special projects and other assessment related activities. Understand complex business and information technology management processes. Identify and evaluate technology risks at third parties.
Develop an understanding of the third parties’ IT control environment and assess the adequacy of IT controls. Actively participate in decision making with third parties and management for mitigating identified deficiencies and seek to understand the broader impact of the decisions made. Establish and maintain good working relationship with third parties and engagement managers with the intention to exceed their expectations. Generate innovative ideas and challenge the status quo.
Interface with all levels of management and technical and business sources. Responsible for understanding of business processes and technology used within the assigned areas to ensure that the business is in compliance with regulatory requirements and Mizuho’s Information Security Policy and applicable procedures, processes and standards.
Advanced level of knowledge of Information Technology and Information Security controls
Advanced level of Risk Management
Minimum 3 – 5 years of Third Party Risk Assessment or IT Audit
Good time management and follow-up skills
Ability to communicate with all levels of management
Ability to follow and execute a detailed process
Basic Excel Skills
Fluent Japanese-English Speaker
Have performed on-site assessments
Have Financials industry background
Have used Standardized Information Gathering Questionnaire (SIG) for risk assessments
Familiarity with RSA Archer Platform
Ability to Travel (5-10%), if needed
Bachelor degree or an equivalent combination of education and work experience.