SecurityScorecard

Vendor Risk Consultant

SecurityScorecard

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

Cyber SecurityPython

About the role

  • Conduct cybersecurity risk assessments on potential and existing vendors within MAX customer portfolios to identify and reduce business risks.
  • Serve as a trusted advisor to both customers and their vendors, translating technical risk findings into clear business impacts and risk management actions.
  • Leverage SecurityScorecard’s proprietary findings and all-source threat intelligence to assess emerging risks, advise vendors on impacts, and guide remediation.
  • Foster trust with both customers and vendors to ensure ongoing compliance with requirements and prevent incidents.
  • Evaluate the maturity of vendor risk management programs and recommend improvements to strengthen governance and operational processes.
  • Track and report on vendor risk profiles, identifying trends, emerging threats, and opportunities for program improvement.
  • Orchestrate concurrent client programs, ensuring consistent delivery excellence, measurable results, and alignment with regulatory and industry standards.

Requirements

  • 5+ years of demonstrated professional cybersecurity consulting experience or similar.
  • Outstanding ability to explain complex cybersecurity and vendor risk concepts to a range of technical and non-technical audiences, in both written and verbal form.
  • Strong comprehension and ability to apply cybersecurity concepts, frameworks, technologies, controls, threat knowledge, and best practices to vendor risk.
  • Proficiency in common scripting languages (Python preferred) and/or Microsoft Excel (or equivalent) to analyze complex data, build trends, and spot patterns.
  • Demonstrated success managing multiple external clients and projects simultaneously, prioritizing competing demands, and meeting deadlines.
  • Ability to thrive in fast-paced independent and collaborative settings.
  • Desired Certifications (One or More Completed): CRISC, CISSP, CISM, CISA, GSTRT, GCCC, GSLC, or GSNA. CRVPM, CTPRP, ISO 27001 Lead Auditor or technical certs are also a plus.
  • English (fluent). Other regional languages are a plus.
  • Experience conducting cybersecurity audits, vendor risk assessments or broader vendor risk management.
  • We do not provide immigration sponsorship for this position.
Samsara

Senior Technology Analyst – Audit and Automation

Samsara
Seniorfull-time$102k–$137k / year🇺🇸 United States
Posted: 3 days agoSource: boards.greenhouse.io
CloudCyber SecurityIoTPythonSQL
Reach Security

Engineering Manager (Recommendations)

Reach Security
Mid · Seniorfull-time🇺🇸 United States
Posted: 28 days agoSource: jobs.ashbyhq.com
Cyber SecurityPython
San Diego County Regional Airport Authority

Senior Cybersecurity Engineer

San Diego County Regional Airport Authority
Seniorfull-time$95k–$153k / yearCalifornia · 🇺🇸 United States
Posted: 11 days agoSource: apply.workable.com
CloudCyber SecurityFirewallsPython
State Street

VP, DLP Platform Specialist

State Street
Leadfull-timeMassachusetts · 🇺🇸 United States
Posted: 9 days agoSource: statestreet.wd1.myworkdayjobs.com
Cyber SecurityPython
Wells Fargo

Senior BoKS Identity Access Management Information Security Engineer

Wells Fargo
Seniorfull-timeArizona, North Carolina · 🇺🇸 United States
Posted: 33 days agoSource: wf.wd1.myworkdayjobs.com
Cyber SecurityLinuxPythonUnix