Job Profile Specialist, Cyber Technology Risk Professional (Third-Party Cyber / AI)
Job Profile Specialist, Cyber Technology Risk Professional (Third-Party Cyber / AI)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
The Associate will serve as the primary point of contact for AI-related assessments within the Third-Party Cyber Risk (TPCR) team. This role is responsible for ensuring timely comprehensive evaluations of AI components in third-party engagements while also supporting broader TPCR assessment activities. The successful candidate will be detail-oriented collaborative and adept at engaging with diverse stakeholder groups including Architecture Third-Parties Procurement and internal Cybersecurity teams.
The Associate will be responsible for monitoring incoming requests and assessments involving AI initiating appropriate workflows and coordinating the completion of AI-specific cybersecurity questionnaires by third-party suppliers. They will ensure responses are received within defined service-level agreements (SLAs) review vendor submissions to identify gaps in AI-related controls and documentation and escalate findings to relevant internal teams such as Architecture Business Information Security Officers (BISOs) or Risk Owners. All findings will be documented and tracked to ensure visibility and resolution.
The ideal candidate will bring 24 years of experience in cybersecurity risk management or vendor risk assessment along with familiarity with AI technologies and their associated risks. Proficiency with risk tracking tools dashboards and reporting platforms is also essential as are strong organizational and communication skills to manage multiple priorities and stakeholders effectively.
This position is primarily hybrid with flexibility for remote work depending on individual circumstances and business needs.
**This role does not qualify for employer-sponsored work authorization. Nationwide does not participate in the StemOPT Extension program.**
#LI-TN1
Job Description Summary
If youre enthusiastic about delivering secure technology solutions to support a company providing extraordinary care to its customers then Nationwide Technology is the place for you. Nationwides industry-leading technology workforce embraces an agile work environment and a collaborative culture to deliver outstanding solutions and results. If that sounds like something you aspire to we want to hear from you!As a Cyber Technology Risk Professional youll be entrusted to protect Nationwide. Youll identify issues and develop solutions for cyber security problems. Youll assess report and manage cyber risk through constant interaction with our technology and business partners. Youll gain an understanding of leading-edge technologies that play a key part in keeping Nationwide safe in our increasingly threatening world. Youll also help to build long-term relationships with potential Nationwide partners by providing up-to-date information on our Information Security Practices and thereby differentiating ourselves from our competitors by ensuring Nationwide is resilient in an ever-changing world and can meet and exceed its regulatory obligations while protecting our customers and business partners.
Job Description
Key Responsibilities:
Supports the improvement of the risk posture pertaining to confidentiality availability and integrity of assigned area by identifying documenting and communicating cyber risks.
Partners in the development and reporting of key risk metrics.
Responsible for applying secure software and systems engineering practices throughout the delivery lifecycle to ensure our data and technology solutions are protected from threats and vulnerabilities.
Integrates technology risk practices to reduce business risk.
Partners to understand the current risk posture of portfolio and security priorities. Assists with communicating risk issue mitigation plans and ensuring risks are closed on time.
Compliance: Works with external regulators to respond to inquiries properly and accurately. Continuously matures compliance capabilities providing expertise and execution against the risk inherent in all compliance and regulatory matters. Collaborates with customers to respond to Request for Proposal (RFP) Request for Information (RFI) and Diligence inquiries.
Risk Partner: Completes simple to moderate risk assignments on time achieving set milestones. Performs and tracks consulting efforts to improve cyber posture. Helps drive the adoption of IRM capability efforts within assigned area. Enhances application and cloud security to counteract evolving cyber threats. Serves as a conduit driver and communicator between cyber capability and clients.
Continuity: Performs straightforward to moderate Business Impact Analysis to identify enterprise-critical processes. Collaborates with peers and partners to develop test plans and strategies monitor exercises and communicates the results.
May perform other responsibilities as assigned.
Reporting Relationships:Reports to Manager Risk Leader or above.
Typical Skills and Experiences:
Education:Undergraduate studies in cyber security management information systems engineering math computer science data analytics or comparable experience and education strongly preferred. Graduate studies in cyber security computer science or a related field are a plus.
License/Certification/Designation: Certified Information Systems Security Professional (CISSP) Certified Information Systems Auditor (CISA) Certified Business Continuity Professional (CBCP) or another cyber certification preferred.
Experience: Typically three years of experience in one or more information risk management capabilities and/or information audit systems. Three years of experience in Technology.
Knowledge Abilities and Skills:Ability to make decisions and recommendations. Aptitude to build relationships and set individual priorities. Solid communication skills. Insurance and/or financial services industry knowledge a plus.
Other criteria including leadership skills competencies and experiences may take precedence.
Staffing exceptions to the above must be approved by the hiring managers leader and Human Resource Business Partner.
Values:Regularly and consistently demonstrates Nationwide Values.
Job Conditions:
Overtime Eligibility: Exempt (Not Eligible)
Working Conditions: Hybrid to normal office environment.
ADA:The above statements cover what are generally believed to be principal and essential functions of this job. Specific circumstances may allow or require some people assigned to the job to perform a somewhat different combination of duties.
Benefits
We have an array of benefits to fit your needs including: medical/dental/vision life insurance short and long term disability coveragepaid time off with newly hired associates receiving a minimum of 18 days paid time off each full calendar year pro-rated quarterly based on hire date nine paid holidays 8 hours of Lifetime paid time off 8 hours of Unity Day paid time off 401(k) with company match company-paid pension plan business casual attire and more. To learn more about the benefits we offer click here.
Nationwide is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive culture where everyone feels challenged appreciated respected and engaged. Nationwide prohibits discrimination and harassment and affords equal employment opportunities to employees and applicants without regard to any characteristic (or classification) protected by applicable law.
Smoke-Free Iowa Statement: Nationwide Mutual Insurance Company its affiliates and subsidiaries comply with the Iowa Smokefree Air Act. Smoking is prohibited in all enclosed areas on or around company premises as well as company issued vehicles. The company offers designated smoking areas in which smoking is permitted at each individual location. The Act prohibits retaliation for reporting complaints or violations. For more information on the Iowa Smokefree Air Act individuals may contact the Smokefree Air Act Helpline at .NOTE TO EMPLOYMENT AGENCIES:
We value the partnerships we have built with our preferred vendors. Nationwide does not accept unsolicited resumes from employment agencies. All resumes submitted by employment agencies directly to any Nationwide employee or hiring manager in any form without a signed Nationwide Client Services Agreement on file and search engagement for that position will be deemed unsolicited in nature. No fee will be paid in the event the candidate is subsequently hired as a result of the referral or through other means.
Required Experience:
Unclear Seniority
Employment Type
Full-Time
