Information Security Analyst - Vendor Risk Management
Job Requisition Number: 37756
New York - USA
Bloomberg is seeking an Information Security Analyst to join its IT Audit department, reporting into the Information Security group. The role is responsible for performing vendor risk assessments and providing third party oversight support to the internal departments. The candidate will play a pivotal role in leading, supporting and executing Bloomberg s Vendor Risk Management Strategy.
In addition, this role involves interacting with internal IT audit function in identifying and assessing risk to the business. The position entails partnering with Legal and Compliance on potential regulatory issues and ensuring Bloomberg s compliance with applicable regulations. The successful candidate will be aware of the latest security and privacy legislation, regulations, and act as an advisory advocate to internal business owners and external third party vendors alike.
- Lead and/or participate in the Vendor Risk Management Review process including the development and review of assessment material, scope, on-site planning and onsite review execution.
- Perform vendor risk assessments on potential and existing third party vendor relationships; taking into consideration strategic, reputation, compliance, and other risks the vendor may pose to Bloomberg.
- Drive all aspects of risk assessment process for third party providers.
- Conduct thorough due diligence activities including review of IT General Controls, Physical Security controls, business continuity/disaster recovery plans/testing results, reports over internal controls (SSAE 16's, Systrust, other compliance reports), contract review, SLA's and on-site vendor reviews, when warranted.
- Identify, measure, and assess risk associated with third party vendor relationships, and as needed, liaise with the business owners to identify/establish mitigation approach.
- Ensures all required contracts have undergone proper legal and compliance reviews.
- Maintain a vendor database to capture, categorize, and maintain risk ratings of vendors
- Identify opportunities for improving third party risk posture as well as Bloomberg's third party risk management processes.
- Support internal LOB audits.
- Lead and/or participate in communicating identified risks with key stakeholders to initiate and subsequently drive remediation efforts related to assessments.
- Maintain Archer administration tasks as required.
- 3-5 years of proven vendor governance, audit or risk management related experience
- Hands on experience with Archer
- Experience with IT outsourcing and business process outsourcing governance and risk management
- Knowledgeable in the ISO 27001/27002 framework
- The ability to articulate a clear understanding of Third Party Risk and/or Vendor Management best practices
- Proficient technical skills, including: Information Security Audit, Network Security, change management, IT Risk Management, operation systems and data, performance metrics and reporting, project management, and vendor management.
- Bachelors with 5-7 years of work experience or 5 years with advanced degree (MIS, Information Security, other related field)
- Minimum of 5 years in Information Technology/ Information security/ Compliance
- Professional certifications:
***Technical: CISSP, CISA or CISM, RSA Archer Administrator
Bloomberg, the global business and financial information and news leader, gives influential decision makers a critical edge by connecting them to a dynamic network of information, people and ideas. The company s strength delivering data, news and analytics through innovative technology, quickly and accurately is at the core of the Bloomberg Professional service, which provides real time financial information to more than 315,000 subscribers globally. Bloomberg s enterprise solutions build on the company s core strength, leveraging technology to allow customers to access, integrate, distribute and manage data and information across organizations more efficiently and effectively. Through Bloomberg Law, Bloomberg Government, Bloomberg New Energy Finance and Bloomberg BNA, the company provides data, news and analytics to decision makers in industries beyond finance. And Bloomberg News, delivered through the Bloomberg Professional service, television, radio, mobile, the Internet and three magazines, Bloomberg Businessweek, Bloomberg Markets and Bloomberg Pursuits, covers the world with more than 2,400 news and multimedia professionals at more than 150 bureaus in 73 countries. Headquartered in New York, Bloomberg employs more than 15,000 people in 192 locations around the world.
I agree that my submission of this employment application does not obligate the Company (Bloomberg L.P., its subsidiaries, divisions and any affiliated entities, collectively "the Company") to employ me, or to offer me employment.
I agree that if I am hired for a position in the United States of America, I will be employed on an at-will basis, which means that: (a) my employment and compensation are not guaranteed for any definite period, and can be terminated, with or without cause, and with or without notice, by either the Company or myself, and (b) there is no written or oral agreement or representation that can alter my at-will status except an individual written agreement signed by the Chief Executive Officer of Bloomberg.
I agree that the information on this application (and accompanying documents, if any) is true and complete to the best of my knowledge. I am responsible for ensuring that the information I submit is accurate and up-to-date. I may review or update my personal information at any time using this site or by entering a request via Careers- Feedback . I also agree that any misstatement, false information, or omission deemed significant by Bloomberg may disqualify me from consideration, and/or may be reason for discharge if discovered after an offer of employment has been extended to me.
I agree that I am not party to any agreement, or subject to any legal obligation, that would in any way restrict me, or interfere with me from fully performing the requirements of the job for which I am applying, and that I must disclose to the Company any such agreement or obligation before the Company considers my application.
I understand that if I am selected to proceed with the application process, I may be given or obtain access to non-public information that the Company considers to be of a confidential, proprietary, or trade secret nature ("Confidential Information"). I agree that I will not directly or indirectly disclose the Confidential Information to any third party, and that I will not use the Confidential Information for my own benefit or for the benefit of any third party.
In addition, I agree that if I am offered employment at Bloomberg, that such offer, and continued employment, is contingent on the results of a reference check and background investigation.
I understand that the Company is an equal employment opportunity/affirmative action employer, and that the application process will be conducted in accord with applicable EEO/affirmative action requirements where the relevant position is located. I understand and agree that Bloomberg may use any personal information submitted in my application for the purpose of considering my suitability for employment, as well as for general statistical analysis and reporting purposes, including candidate activity and demographic reports. Bloomberg will process my information in compliance with applicable laws on privacy and data protection.
I agree that if Bloomberg does not employ me at this time, Bloomberg may retain and use the information that it obtains as part of the application process to consider my application later if a suitable position becomes available and, if appropriate, to refer back to this application if I apply again. If at any time I no longer want Bloomberg to consider my application for employment, I understand I must enter a request via Careers- Feedback, in which case the information will be stored securely for no more than one year from the date of notification, and access to it will only be made to the extent necessary for legal and regulatory purposes.
I understand my information may be disclosed to law enforcement, regulatory or other government agencies, or third parties where required and where necessary to comply with legal or regulatory obligations or requests.
By continuing with this application, I voluntarily consent to the above terms, and recognize that my agreement to these terms is legally binding and enforceable to the same extent as if I had signed my name.
By clicking the 'Apply Now' button below you agree to the terms of the above Legal Statement.
Bloomberg is an equal opportunity/affirmative action employer and we welcome applications from all backgrounds regardless of race, color, religion, sex, national origin, ancestry, age, marital status, sexual orientation, gender identity, veteran status, disability, or any other classification protected by law.