Your mission

📍Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls 📍Identify and evaluate security/privacy risks, especially for vendors handling sensitive customer data and critical product supply chain operations. 📍Develop and implement risk mitigation strategies to address identified vulnerabilities 📍Collaborate with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements 📍Monitor vendor performance and compliance with security agreements 📍Contribute to the development and improvement of Ledger's third-party security risk management program 📍Prepare reports and presentations on vendor security risks and mitigation efforts for various stakeholders

What we're looking for

📍Degree or equivalent experience in Information Security, Cybersecurity, or a related field 📍Minimum 2 years of experience in areas like audit, risk management, compliance or control function 📍Strong organizational skills to manage multiple projects and document outcomes effectively 📍Familiarity with security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) 📍Analytical and problem-solving mindset with a proactive approach to challenges 📍Clear and inclusive communication skills for technical and non-technical audiences 📍Experience with security assessment tools and technologies is an asset 📍Knowledge of data privacy regulations (e.g., GDPR, CCPA) 📍Certifications (e.g., CISSP, CISM, CISA) are welcome