Location: New York,NY, USA
LocationNew York - 225 Liberty Street, Suite 4301 (BP)BusinessAt Brookfield Properties, our global network and relationships are here for our tenants and partners — wherever they are in the world. Where going to work never feels routine. We integrate commercial real estate with world-class shops, restaurants, and entertainment, creating spaces where work and play don't just coexist, but thrive. If you're ready to be a part of our team, we encourage you to apply.Job DescriptionWe Are Brookfield Properties:We are seeking an IT Manager, Third-Party Risk to join the Brookfield Properties U.S. Office Division in New York, NY. In this role, you will play a key part in inspiring change and continual improvement. If you are committed to excellence and ready to contribute to a dynamic culture, we would love to meet you.The IT Manager, Third-Party Risk will join our Information Security team. Reporting directly to the Director of IT GRC, this pivotal role will oversee the operational and strategic aspects of our third-party cyber risk program. We seek a self-driven leader with a passion for process improvement and the ability to serve as a subject matter expert in vendor and compliance risk management.Role & Responsibilities:Independently conduct thorough third-party information security risk assessments, due diligence, and ongoing oversight of third-party services to ensure compliance and securityCollaborate with third parties and internal partners to develop and implement corrective action plans, mitigating and resolving third-party risks effectivelyPlay a vital role in shaping the department's overall strategy, processes, and approaches, demonstrating strong expertise in cybersecurity and complianceCollaborate seamlessly with leadership, multiple internal organizations, external parties, legal, compliance, IT, and business units to leverage relationships, address priority issues, proactively identify, and promptly mitigate risks associated with third-party engagementsDrive process innovation, including activities like automation, and lead initiatives to enhance the efficiency, effectiveness, and operational capabilities of the third-party risk management programEstablish and maintain a comprehensive third-party risk register to address potential vulnerabilities across significant risk areasReview contractual agreements to ensure proper provisions are included to protect company data in third-party engagementsAdminister program procedures, tools, and related support materials to maintain consistent and effective risk management practicesYour Qualifications:Bachelor's degree in Business, Computer Science, Information Technology, or related field. Related certifications (e.g., CISA, CISSP, CRISC) will be helpful7+ years of combined IT and experience in third-party risk management in a global companyProfessional information security experience, including conducting comprehensive third-party risk assessmentsAct as a subject matter expert on third-party risk management, providing guidance and training to internal stakeholdersStrong knowledge in understanding and ability to review and analyze SOC reportsStrong knowledge of industry standards and regulations, including ISO 27001, NIST, GDPR, PCI, SOX, and other data/privacy regulations and standardsStrong understanding and practical experience in implementing risk management frameworks. This includes a comprehensive grasp of the risk management cycle, covering areas such as vulnerabilities, threats, and controls, enabling practical evaluation and mitigation of third-party risksExtensive knowledge of data security, access control systems, and related mattersAbility to deliver regular reports and updates to senior management on the status of third-party risk management efforts, including establishing KPIs and metrics to gauge program effectivenessDetail-oriented with excellent analytical, problem-solving, and organizational skills, coupled with strong communication abilities (both written and verbal)Proven ability to work independently and in a team environmentAbility to coordinate and perform multiple tasks/projects simultaneously, balancing priorities and deliverablesExperience with the OneTrust third-party risk management module is a plusKnowledge of PowerBI is a plusAdditionally, may be required to perform other duties as assignedCompensation:Salary Type: Non-exemptPay Frequency: Bi-weeklyAnnual Base Salary Range: $105,000-$135,000We are proud to create a diverse environment and are proud to be an equal opportunity employer. We are grateful for your interest in this position, however, only candidates selected for pre-screening will be contacted.#BPUSAt Brookfield Properties, our success starts with our people. People like you. We develop, operate, and manage more than 1100 properties and 390 million square feet of real estate across the globe. It's a feat that wouldn't be possible without our team, a diverse group of creative visionaries and innovative experts who are relentless in pursuit of one goal: to ensure our buildings don't simply meet the needs of our tenants, residents, and communities — but exceed them, every day.