Job Information
AECOM Third Party Risk Management Analyst in Bengaluru, India
Company Description
At AECOM, we’re delivering a better world.
We believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.
Our clients trust us to bring together the best people, ideas, technical expertise and digital solutions to our work in transportation, buildings, water, the environment and new energy. We’re one global team – 47,000 strong – driven by a common purpose to deliver a better world.
Here, you will have freedom to grow in a world of opportunity.
We will give you the flexibility you need to do your best work with hybrid work options. Whether you’re working from an AECOM office, remote location or at a client site, you will be working in a dynamic environment where your integrity, entrepreneurial spirit and pioneering mindset are championed.
You will help us foster a culture of equity, diversity and inclusion – a safe and respectful workplace, where we invite everyone to bring their whole selves to work using their unique talents, backgrounds and expertise to create transformational outcomes for our clients.
We will encourage you to grow and develop your career with us through our technical and professional development programs and diverse career opportunities. We believe in leadership at all levels. No matter where you sit in the organization you can make a lasting impact on the projects you work on, the teams and committees you join and our business.
We offer competitive pay and benefits, well-being programs to support you and your family, and the development resources you need to advance your career.
When you join us, you will connect and collaborate with a global network of experts – planners, designers, engineers, scientists, consultants, program and construction managers – leading the change toward a more sustainable and equitable future. Join us and let’s get started.
Job Description
Role and Responsibilities
Evaluate requests for third party engagements
Triage/complete requests from AECOM clients regarding AECOM’s control environment
Collaborate with business requestors, procurement, legal, and other teams to ensure questionnaires are completed in a timely manner
Collaborate with security/IT team members to ensure a full understanding of security controls, technology, and architecture
Conduct initial and periodic third party risk assessments
Review responses to security questionnaires, SOC 1 and SOC 2 assessment reports received from third parties to identify potential risk to AECOM
Identify gaps/issues based on third party and/or client standards relative to security postures
Devise remediation plans and monitor to ensure adherence by third parties and AECOM security/IT
Build and maintain an inventory of third parties
Establish and maintain a central repository of security questions/answers
Review third party and client contracts to validate appropriate security requirements and commitments
Manage AECOM’s response to security due diligence (questionnaires, site visits, etc.) from existing and potential business partners, clients, and third parties
Qualifications
2-3 years of career experience related to information security, IT, audit, third party, and/or risk
Manage, enhance and implement the framework, policies, procedures and program governance to ensure alignment of TPRM with industry best practices and regulatory requirements (NIST, FFIEC, OCC, etc.)
Develop tactical and strategic plans to evolve the third-party risk management program to ensure compliance with new regulations and alignment with industry best practices
Experience in completing and reviewing security and/or privacy questionnaires
Strong knowledge of security best practices (ISO, NIST Cybersecurity Framework, etc.)
Strong prioritization and organizational skills
Ability to develop, document, and maintain procedures
Strong verbal communication with the ability to advise management regarding third party and client risk management
Knowledge of RSA’s Archer GRC platform desirable
Additional Information
With infrastructure investment accelerating worldwide, our services are in great demand, and there’s never been a better time to be at AECOM! Join us, and you’ll get all the benefits of being a part of a global, publicly traded firm – access to industry-leading technology and thinking and transformational work with big impact and work flexibility.
AECOM provides a wide array of compensation and benefits programs to meet the diverse needs of our employees and their families. We also provide a robust global well-being program. We’re the world’s trusted global infrastructure firm, and we’re in this together – your growth and success are ours too.
As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Join us and let’s get started.
All your information will be kept confidential according to EEO guidelines.
ReqID: REF20578Z
Business Line: Geography OH
Business Group: DCS
Strategic Business Unit: GBS
Career Area: Program & Project Management
Work Location Model: Hybrid