About the Role
This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.
Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats.
Reporting to the AVP of Technology Risk, as Cybersecurity Third-Party Risk Management, you will play an important role in identifying, assessing, and monitoring risks associated with third parties to AT&T. You will also span all third-party risk domains to ensure a comprehensive understanding and management of the organization’s true risk profile. In this role, you will also play a key part in supporting the strategic development of the Third-Party Risk Management (TPRM) program, leading communications, and collaborating with stakeholders to drive continuous improvement. This is an individual contributor position with no direct reports.
What you’ll do:
Assist in building and continuously improving the Third-Party Risk Management (TPRM) program.
Collaborate across technology, business, and risk teams to identify and monitor third-party risks.
Document inefficiencies in third-party risk processes and help implement improvements.
Facilitate stakeholder sessions to drive engagement and alignment on TPRM topics.
Help develop and implement third-party risk policies, processes, and frameworks.
Provide subject matter expertise on emerging technology and third-party risk issues.
Support risk monitoring, controls testing, evidence collection, remediation, and audit readiness.
Assist with onboarding and adoption of TPRM requirements across the organization.
Document and support escalation processes for third-party issues.
Requirements
- Bachelor’s degree (BS/BA) desired in Computer Science or Cybersecurity preferred.
- 3-5 years of relevant experience in technology risk management, third party risk, or a related field.
- Strong knowledge of risk and control disciplines, ideally within a global organization.
- Proven experience supporting risk management initiatives, including risk identification, assessment, remediation, and monitoring across all stages of the supplier lifecycle: due diligence, contracting, onboarding, ongoing monitoring, and termination.
- Experience in program development, process improvement, and stakeholder engagement.
- Familiarity with industry standards and regulatory requirements related to technology and third party risk management (e.g., ISO, COSO, COBIT, NIST).
- Excellent communication, collaboration, and analytical skills.
- Experience leading meetings or sessions and presenting to varied audiences,
About the Company
We understand that our customers want an easier, less complicated life.
We’re using our network, labs, products, services, and people to create a world where everything works together seamlessly, and life is better as a result. How will we continue to drive for this excellence in innovation?
With you.
Our people, and their passion to succeed, are at the heart of what we do. Today, we’re poised to connect millions of people with their world, delivering the human benefits of technology in ways that defy the imaginable.