If you want to make a positive difference and stand out from the crowd, you’ll fit in at The Standard (www.standard.com). Through our retirement plans and insurance products and services, we help people achieve financial well-being and peace of mind. Come join us and share our passion for serving our customers in a positively different way.
IT at The Standard
When you work at The Standard, you are part of a company that provides customers financial well-being and peace of mind. As a member of our IT team, you work side by side with the business, pursuing strategic opportunities for our company. It’s an exciting time with new products, new distribution channels and new customer needs that are driving big investments in technology. At The Standard, we are large enough for big opportunities and small enough for big impact.
The Third Party Risk Management Analyst role will be primarily responsible to comprehensively analyze and assess information security risk across The Standard's portfolio of supplier relationships. Work closely witha wide range of stakeholders, both IT and across the entire business.
- Conducts information security and business continuity assessments of third parties (suppliers, business partners and cloud services), including analysis of the business environment and how the business will use the vendor
- Characterizes inherent risk and advises management on how to mitigate any identified risks
- Supports the evolution and continuous improvement of third party risk assessment processes including the development and maintenance of procedures, automation, artifacts, and metrics to be used in the assessment of suppliers
- Keeps abreast of the latest security, privacy, business continuity and regulatory concerns and best practices impacting third party risk management
- Advises business on any changes requested by third parties to security and privacy provisions of our contracts
- Performs third party compliance risk tracking, trending, analysis, and executive reporting
- Advises supplier management teams, procurement and project teams on vendor assessment requirements
- Participates in cross-functional team initiatives and projects
- Education & Experience: Bachelor’s degree in a technical discipline or business-related field. Typically requires at least 5 years of experience in risk management, information security, business operations and vendor assessments. Risk management certification (i.e. CBCP, ABCP, CRISC, CISSP, etc.) is a plus.
- Knowledge & Skills: Required: Strong knowledge of risk management, information security and business continuity management. Understands how third party risk management impacts other disciplines and departments. Excellent business communication skills. Technical, information security and MS Office skills. Thorough understanding of security, IT, and business compliance frameworks and processes (SOC1, SOC2, SOX, etc.). Highly desired: Familiarity with vendor management tools (Archer, Security Scorecard, etc.).
- Job Complexity & Judgment: Solves complex problems; takes a new perspective on existing solutions; exercises judgment based on the analysis of multiple sources of information. Makes recommendations for new processes or procedures. Acts as a resource for colleagues with less experience; may lead projects with manageable risks and resource requirements.
- Independence: Self-governing on daily work; may require general instructions on new assignments. Works within broad guidelines and policies. Work and results are often shared with team.
- Interaction & Influence: Contacts are typically company-wide and outside the company to provide or obtain information. Impacts a range of customer, operational, project or service activities within own team, other related teams and department. Must be able to effectively collaborate as a team member across functional areas and influence thinking
Direct experience developing, implementing, and improving technology controls in a corporate environment.
Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc., StanCorp Investment Advisers, Inc. and StanCorp Mortgage Investors, LLC, marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.
For more information regarding your Equal Employment Opportunity applicant rights, click here.
Individuals with disabilities who need assistance or accommodation with the application process should contact HR Direct at 971-321-7871. This number is only for the use of individuals with disabilities who need accommodation with the application process. General inquiries about application status will not be addressed.