Third-Party Cybersecurity Risk Management Analyst

Job description

Our vision is to transform how the world uses information to enrich life for all.

Micron Technology is a world leader in innovating memory and storage solutions that accelerate the transformation of information into intelligence, inspiring the world to learn, communicate and advance faster than ever.

The Third‑Party Cybersecurity Risk Management (TPCRM) Analyst plays an integral part in the development, implementation, and monitoring of information risk management related to external suppliers. The analyst is responsible for identifying, assessing, monitoring, reporting, and auditing cybersecurity risks arising from third‑party relationships, with a focus on Information Security, Privacy, Regulatory Compliance, and Governance.

Responsibilities

• Serve as a subject matter expert to ensure and monitor compliance with industry and government cybersecurity, privacy, and regulatory requirements as they relate to third‑party relationships at the Enterprise/Region/Site level. 
• Conduct third‑party risk assessments to evaluate supplier security posture against organizational security, privacy, and resilience requirements.
• Perform gap analysis against frameworks and standards such as ISO 27001, NIST, SOX, TISAX, and GDPR, and drive remediation with suppliers. 
• Assess assessment design effectiveness and continually monitor operating effectiveness of third‑party security and privacy controls.
• Track, manage, and monitor third‑party risk treatment and remediation plans, including supplier follow‑ups and evidence validation. 
• Develop, revise, and maintain third‑party risk management policies, standards, processes, and guidelines through formal change management.
This is an excerpt. Read the full job description on Micron careers →