About the Role
Yubico seeks a Third Party Risk Specialist to support Yubico’s compliance and vendor assurance program.
You will be responsible for supporting Yubico’s vendor assurance program, improving our risk posture, and tracking deviations from Yubico standards. You’ll be a member of the Yubico Enterprise Security (YES) team and responsible for assessing vendor’s information security programs and risk postures in relation to Yubico’s operational requirements. Additionally, you will regularly review vendor’s implementations and work with internal stakeholders to track and remediate deficiencies. You’ll have an opportunity to work with a diverse set of business and technical teams to understand risks, integrate controls, and produce the documentation necessary to drive adherence with security requirements.
Tasks & Responsibilites:
Perform technical assessments and in-depth evaluations of vendor provided systems, software, and services to validate functionality and compliance with Yubico standards
Review existing vendor controls to identify gaps and areas for improvement
Generate reports for non-technical stakeholders to translate technical requirements into concise actionable insights to business leaders
Develop technical controls and work programs to assess internal risk postures
Requirements
Basic Requirements:
- Bachelor degree preferred (or equivalent education and experience)
- 3+ years of experience in risk management, information security, or relevant consulting
- Excellent communication skills - verbal and written
- Proven ability to manage projects and prioritize tasks effectively
- Strong working knowledge of regulatory guidelines and frameworks
- Demonstrated ability to contribute to a continuous learning and process improvement environment
- Proficiency working in the Google Workspace productivity suite
Preferred Skills and Experience:
- Experience incorporating controls from Google Cloud, Azure, and AWS
- Experience consulting in a technical capacity and familiarity with web application assessments
- Experience working in a multinational environment
- Ability to travel to other offices that include: Stockholm, Silicon Valley, and Seattle. Expected travel frequency is at least twice per year
About the Company
Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries.
Yubico’s solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience.
As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.