Aviation Avionics & Digital Systems
The Need: A Third Party Risk Management Analyst with at least 3 years’ experience
The Opportunity: To contribute directly to the success of innovative cloud based unmanned aerial and autonomous flight operations ecosystem.
This position is responsible for facilitating Third-Party Risk Management activities including outbound risk assessments, due diligence and ongoing monitoring of third parties. This position will also evaluate and document internal controls, assisting with internal security reviews, and working with internal teams to address compliance and audit issues surrounding supply chain management.
Your job will focus on developing supply chain management policies and technical requirements based on industry standards and regulatory requirements. You will lead the analysis of questionnaires pertaining to third party profiles and review evidence of controls and programs.
Your job will be to work with operations and engineering team to understand product requirements and come up with third party vendor security requirements based on regulatory requirements and industry best practices. You will be responsible for conducting third party security reviews, identifying security issues and developing security policies, procedures, and standards for AiRXOS’s supply chain management program. You will also provide insight on the adequacy and effectiveness of third party's controls and overall security posture.
Some tasks you will be working on are:
· Inventory and maintain all third-party vendor/services and how the vendors integrate, process and store AiRXOS data.
· Facilitate and complete inbound customer security questionnaires pertaining to AiRXOS's security program.
· Ensure that appropriate Service-Level Agreements (SLAs) and underpinning contracts have been defined that clearly set out for the customer a description of the service and the measures for monitoring the service.
· Collaborate with Sales and Marketing teams to generate content creation for customers including security whitepapers, product whitepapers and supporting teams on customer inquiry calls. You will also collaborate with stakeholder to identify appropriate criticality of third parties.
· Consults with customers to evaluate functional requirements and translate functional requirements into technical solutions.
· Contribute to third party risk & oversight program execution and adherence, including process enhancements and remediation efforts.
· Bachelor’s Degree in Computer Science or in “STEM” Majors
(Science, Technology, Engineering and Math) strongly preferred; other
bachelor's degrees considered with demonstrated related experience
· At least 1 years of experience with security/privacy
· Knowledge in Information Security industry best practices
· Knowledge of security standards including NIST Risk Management Framework
· Experience in preparing compliance audit workpapers such as artifact request lists, standard test cases and test plans
· Experience with managing and supporting an Enterprise Risk Management (ERM) Lifecycle
· Experience with managing third-party risk
· Must be willing to travel 10%
· Must be willing to work out of an office located in Boston, MA
· Ability to create and analyze
metrics to identify trends, gaps and issues
· Ability to work independently and
in a collaborative team environment
· Possess an industry certification
such as CISSP, CISM, CISA, etc.
· Experience with using and
implementing GRC tools
· Understanding of software
engineering standards and practices
AiRXOS is building new technologies and delivering a new architecture and ecosystem for the next generation of unmanned aviation. We are passionate about enabling safe, secure and economical UAV/Drone operations at global scale. We are accomplishing this with a great collaborative team of driven engineers and technologists with expertise in Distributed & Real-Time Software, Web Services, Cloud Computing, Machine Learning Algorithms, Autonomous Systems & Robotics, Cyber Security, Air Traffic Management, Computer Visualization, and Mobile Applications. Together we are delivering capabilities that will enable a new era in aviation and autonomous systems applications. We would love for you to join us!!
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law.
Additional Eligibility Qualifications
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).