Cybersecurity Assurance & Compliance Analyst

Job Description

Job Description:

As a key member of our Vendor Cyber Risk Management (VCRM) team, you will directly contribute to safeguarding the enterprise by identifying and mitigating the cyber risks introduced by third-party relationships.

Your core responsibility will be to conduct comprehensive cyber risk assessments on our vendors, analyzing their security posture to protect our business. You will drive the risk remediation lifecycle—from identifying and documenting security gaps (Findings) to collaborating with business stakeholders and vendors on effective corrective action plans. This role requires a blend of technical cybersecurity knowledge, an assurance mindset, and strong communication skills to articulate risk and guide stakeholders toward a more secure partnership.

Key Responsibilities:

• Execute comprehensive cyber risk assessments of third-party vendors using Mars’ established risk-based framework and tools.

• Monitor vendor’s cybersecurity posture using third-party assessment tools.

• Identify, document, and manage cybersecurity risks and issues within our issue tracking system.

• Collaborate with internal and external stakeholders (vendors) on remediation plans and risk mitigation.

• Support user attestation, validating active accounts, and reporting discrepancies.

• Perform periodic user attestation activities on strategic partners to ensure access rights are appropriate and authorized, and report discrepancies.

• Execute peer review of VCRM assessments conducted by team members.

• Update and maintain process runbooks as well as knowledge base

• Suggest process improvements and automation opportunities to enhance program efficiency.

Context and Scope:

• Works under guidance of Senior Analysts and Team Leads to ensure accurate and timely execution of vendor cyber risk assessments and issue management activities.

• Communicates effectively with vendors and internal stakeholders to facilitate remediation and compliance.

• Supports continuous improvement initiatives within the VCRM program.

• Collaborates with cross-functional teams to ensure data accuracy and program alignment.

Job Specifications/Qualifications:

• University degree in Information Systems, Computer Science, Cybersecurity, or equivalent.

• Infosec/cybersecurity certifications are differentiators.

Knowledge / Experience:

• 2+ years in cyber security, assurance & compliance, third part cyber risk management, or audit roles.

• Knowledge in cyber security frameworks (ISO/IEC , NIST CSF, CIS).

• Strong attention to detail and organizational skills. Good verbal and written communication skills in English. Ability to collaborate effectively within teams.

What can you expect from Mars?

• Work with over 140,000 diverse and talented Associates, all guided by the Five Principles.

• Join a purpose driven company, where we’re striving to build the world we want tomorrow, today.

• Best-in-class learning and development support from day one, including access to our in-house Mars University.

• An industry competitive salary and benefits package, including company bonus.

#TBdigital