Cybersecurity Analyst, Third-Party Risk & Technology Governance

Your Title: Cybersecurity Analyst Third Party Risk and Technology Governance

Job Location: Mexicali Mexico OR Mexico City Mexico-Onsite

Our Department: Corporate Cybersecurity

Are you ready to be the defender of our extended enterprise

Were looking for a Cybersecurity Analyst who can step into a pivotal role managing and mitigating the cybersecurity risks associated with all of our third-party relationships and vendors.

What You Will Do

Were seeking a proactive and detail-oriented specialist whos passionate about blending cyber defense with operational efficiency. This isnt just about managing risk; its about pioneering the future of security assessments. Youll be instrumental in optimizing workflows championing the implementation of automation and directly helping us build the strategy for assessing vendors who leverage cutting-edge technologies like Artificial Intelligence (AI) and Machine Learning (ML). If you thrive on tackling complex challenges and want to ensure our program is scalable efficient and prepared for the next wave of technology this role offers the perfect platform to make a significant measurable impact.

Third-Party Risk Management

• Lead comprehensive cybersecurity risk assessments for new and existing vendors partners and suppliers.

• Analyze and validate vendor security documentation including SOC 2 ISO 27001 certifications and security questionnaires (SIG/CAIQ).

• Evaluate vendor control environments specializing in cloud infrastructure (AWS Azure GCP) application security (OWASP Top 10) and data protection.

• Clearly articulate and document technical risks for both technical teams and senior business stakeholders.

• Collaborate with Legal and Procurement to develop track and enforce vendor risk remediation plans.

Process Optimization & Reporting

• Drive efficiency and consistency by analyzing and optimizing the end-to-end Third-Party Risk Management (TPRM) lifecycle.

• Design and implement automated workflows within our Governance Risk and Compliance (GRC) platform.

• Define track and report Key Performance Indicators (KPIs) and metrics to measure TPRM program health and effectiveness.

• Maintain core program documentation including Standard Operating Procedures (SOPs) and assessment methodologies.

AI Security & Emerging Threats

• Conduct specialized AI vendor security evaluations covering critical domains such as model integrity data privacy and adversarial attack resistance.

• Provide guidance on the secure and responsible adoption of third-party AI technologies to internal teams.

• Stay current with evolving AI regulatory frameworks (e.g. NIST AI RMF EU AI Act) and emerging security threats.

• Leverage AI solutions to automate dynamic risk management and continuous testing of vendor controls.

What Skills and Experiences You Should Bring

• 3 years of experience in an information security IT audit or technology risk management role.

• At least 2 years of direct hands-on experience in Third-Party Risk Management (TPRM).

• Proven ability to analyze and streamline complex processes with a track record of implementing successful improvements.

• Strong technical knowledge of core cybersecurity domains including cloud security network security identity and access management (IAM) and encryption.

• Demonstrated experience interpreting security reports and assessing the effectiveness of technical controls.

• A strong interest in and foundational understanding of AI/ML technologies and their unique security challenges.

• Excellent analytical skills with the ability to think critically and solve problems independently.

• Strong written and verbal communication skills capable of engaging with a wide range of audiences.

• Hands-on experience with TPRM platforms.

About Your Location

Trimble Inc. has established a significant presence in Mexicali Baja California Mexico by setting up a world-class software research and development center. This facility is part of Trimbles strategic expansion to accelerate the delivery of products and services worldwide.

Located in Mexicali Trimbles R&D center focuses on developing cutting-edge technologies across various industries including agriculture construction geospatial and transportation. The center is involved in creating maintaining supporting enhancing and monitoring products and solutions for Trimbles diverse divisions.

About Trimbles Cybersecurity Third Party Risk and Technology Governance Team

This team is a strategic assurance partner ensuring that all parts of the global Trimble enterprise including its products and vendors are compliant secure and resilient.

How to Apply: Please submit an online application for this position by clicking on the Apply Now button located in this posting.

Posting Date

Application Deadline: Applications could be accepted until at least 30 days from the posting date.

Join a Values-Driven Team: Belong Grow Innovate.

At Trimble our core values of Belong Grow and Innovate arent just wordstheyre the foundation of our culture. We foster an environment where you are seen heard and valued (Belong); where you have an opportunity to build a career and drive our collective growth (Grow); and where your innovative ideas shape the future (Innovate). We believe in empowering local teams to create impactful strategies ensuring our global vision resonates with every individual. Become part of a team where your contributions truly matter.

Trimbles Privacy Policy

If you need assistance or would like to request an accommodation in connection with the application process please contact