Cybersecurity and Third-Party Risk Manager

Lord Abbett.com

$95K — $110K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in information security, Computer Science, Risk Management, or related field preferred.
  • 5+ years of experience in cybersecurity, technology risk, or risk assurance; financial services experience is a plus.
  • Hands-on experience in third-party risk management (TPRM) and vendor lifecycle management.
  • Experience in assessing controls and supporting incident reviews.
  • Familiarity with risk management frameworks like NIST, ISO 27001, and SOC 2.
  • Knowledge of security domains such as vulnerability management and cloud security.
  • Relevant certifications (CISSP, CISA, GIAC) are advantageous.

Responsibilities

  • Execute the complete TPRM lifecycle including onboarding and risk assessment.
  • Perform vendor risk assessments across multiple dimensions and document findings.
  • Maintain vendor inventory and track changes in risk posture.
  • Manage vendor issues with a focus on remediation and escalation.
  • Develop dashboards to report on vendor risk exposure and trends.
  • Partner with Legal and business teams to align TPRM outcomes with governance needs.
  • Provide oversight of the information security program, including policy and control review.

Benefits

  • Competitive total compensation including discretionary bonuses based on performance.
  • Comprehensive retirement plans and health-related benefits.
  • Support for employee well-being through competitive health plans.
Full Job Description
The Role

Job Overview:

Lord Abbett is seeking a Risk Manager to support the Firm's Information Security Program, specifically to Third-party Risk Management (TPRM) and Cybersecurity programs.

The role will be responsible for supporting the execution of the TPRM lifecycle to ensure vendor risk is managed consistently across security, operational resilience, financial and compliance dimensions as well as strengthening the Firm's cybersecurity posture through policy and control oversight, control effectiveness validation, and collaboration of security initiatives.

This role requires close coordination across Enterprise Risk Management, Technology, Operations, Compliance, and business stakeholders to maintain an integrated and enterprise-wide resilience posture. The candidate must be capable of operating independently within a Second Line of Defense model while providing structured oversight, credible challenge, and actionable reporting. Responsibilities may intersect with strategic initiatives, regulatory change, digital transformation efforts, and new product or platform implementations. Strong critical thinking, writing, presenting, and stakeholder management skills are essential. Given the dynamic nature of this role, curiosity to learn about all portions of the business and high responsiveness to internal and external events are extremely important.

We'll trust you to:

Third-Party risk management
  • Execute the full TPRM lifecycle: onboarding, due diligence, risk assessment, monitoring, issue remediation, and offboarding.
  • Perform vendor risk assessments across information security, operational resilience, financial, compliance, and third-party dependencies; document and risk-rate findings.
  • Maintain vendor inventory and workflows within the TPRM/GRC platform; monitor changes in vendor risk posture.
  • Manage vendor issues, including remediation tracking and incident escalation coordination.
  • Develop reporting and dashboards to communicate vendor risk exposure, trends, and remediation status.
  • Partner with Legal and business teams to align TPRM outcomes with contracting, SLAs, and governance; support training and accountability.

Cybersecurity governance & program management
  • Provide independent oversight of the information security program, including policies, standards, and control ownership.
  • Review and challenge the information security strategy for alignment with risk appetite, regulatory requirements, and emerging threats.
  • Support program maturity and consistent control application; contribute to CISO and committee reporting.
  • Review cybersecurity incidents, including root cause, remediation, and improvement actions.
  • Support incident response planning and exercises.
  • Translate technical findings into clear risk insights for technical and non-technical stakeholders.
  • Assess control design and effectiveness across infrastructure, applications, cloud, and identity/access management; validate remediation.
  • Maintain the cybersecurity risk register and track remediation of high-risk issues.
  • Conduct control testing and independent assurance activities.
  • Collaborate across Technology, Legal, Compliance, and business teams to embed security practices.


You'll need to have:

  • Bachelor's degree in information security, Computer Science, Risk Management, or related field preferred.
  • 5+ years of experience in cybersecurity, technology risk, or risk assurance; financial services experience preferred.
  • Hands-on experience in TPRM, including vendor lifecycle management.
  • Experience assessing controls, supporting incident reviews, and providing risk oversight.
  • Familiarity with frameworks such as NIST, ISO 27001, and SOC 2.
  • Knowledge of vulnerability management, incident response, IAM, cloud security, and security monitoring tools.
  • Experience with TPRM/GRC platforms preferred.
  • Relevant certifications (e.g., CISSP, CISA, GIAC, Security+, CRVPM) are a plus.
  • Strong analytical, communication, and stakeholder management skills.
  • Ability to operate independently, manage priorities, and work across teams.


Compensation Information: Annual base salary for this role is $95,000 - $110,000. Salary is estimated for this role. Actual pay may be different.

Discretionary Bonus: Role may be eligible to receive an annual discretionary bonus. Discretionary bonuses are determined by several factors including, but not limited to, firm, team, and individual performance.

Benefits: Lord Abbett is committed to offering a competitive total rewards package to all eligible employees. Offerings include competitive total compensation, retirement plans, competitive health and well-being plans. To learn more about what we offer, please visit Careers | Lord Abbett

Similar Jobs

More Jobs at Lord Abbett.com

More Information Technology Jobs

Find similar Cybersecurity and Third-Party Risk Manager jobs: