Description

Summary:

The Segment Risk Specialist Sr for TPRM will work within the broader third party risk process to analyze technology risk present in both potential and existing third party relationships. Specific responsibilities includes but are not limited to:

Duties & Responsibilities:

• Perform Technology risk assessments on third party control environments and be able to articulate both the inherent and residual risk of a relationship.
• Effectively communicate security and control requirements to both third parties and business partners.
• Assist in the continued development, maintenance and enhancement of the Technology risk management program and related initiatives.
• Identify, assess, and communicate third party gaps and observations with stakeholders.
• Ensure timely completion of technology risk assessments in accordance with guidelines.
• Be proactive and follow-up with business segments/other stakeholders regarding action plan or open Tech TPRM follow-up items.
• Help foster a risk awareness culture in the business segment.
• Partner, build and maintain relationships with key stakeholders within the third party risk management space, including SROs, ITRM, Risk Partners, 3PRM team, Sourcing, Legal, second and third line oversight teams, and the various business segments.
• May lead less experienced Risk Specialists.
• Maintain flexibility to adjust to dynamic priorities to be successful.
• Performs other duties as assigned.

Basic Qualifications:

• Bachelor’s degree
• Minimum of 3 years of experience in Technology third party risk, IT Audit, Cybersecurity risk, Risk Management or other technical risk related experience.

Preferred Qualifications:

• Knowledge of IT/cybersecurity risk management including processes and controls.
• Knowledge of third party risk management principles.
• Strong organizational, analytical, critical thinking and problem-solving skills.
• Excellent verbal and written communications and the ability to communicate and present requirements and issues clearly and concisely.
• Strong interpersonal skills and ability to build strong partnerships and work collaboratively with all businesses.
• Ability to deal with ambiguity, multi-task and work in a fast-paced environment.
• Proficiency in MS Office suite.
• Familiar with common security control frameworks, i.e. NIST, COBIT, COSO.
• Familiar with common industry reporting and certifications, i.e. SOC 1 and 2, PCI, SIG/AUP)
• CISA, CISM, CISSP and/or CRISC preferred.
• Travel requirements: 0-10%

#LI-Hybrid

#LI-MH1

Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Workplace Type:

Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position