Micron Technology
Third-PartyCybersecurityRiskManagementAnalyst
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Third-Party Cybersecurity Risk Management Analyst at Micron Technology. Skills: Information Security, Privacy, Regulatory Compliance. Serve as subject matter expert. Monitor compliance with cybersecurity requirements”
Industry & Context.
Problem-solving; Analytical; Risk-based decision-making
Onsite audits if needed
What They're Looking For.
Must Have
Minimum two years of experience in Third-party / vendor risk management, Minimum two years of experience in supplier assessments, Minimum two years of experience in external assurance programs, Minimum two years of experience in IT business process knowledge, Minimum two years of experience in business acumen, Minimum two years of experience supporting procurement, Minimum two years of experience interfacing with procurement, Minimum two years of experience supporting legal, Minimum two years of experience interfacing with legal, Minimum two years of experience supporting vendor management, Minimum two years of experience interfacing with vendor management, Minimum two years of experience in risk analytics, Minimum two years of experience in reporting related to vendor risk, Minimum two years of experience in reporting related to operational risk, Minimum two years of experience in reporting related to IT risk, Minimum two years of experience in threat assessment methodologies, Minimum two years of experience in vulnerability assessment methodologies, Minimum two years of experience in business continuity assessment methodologies, Minimum two years of experience in third-party risk assessment methodologies, Knowledge of NIST Cybersecurity Framework, Knowledge of ISO standards, Knowledge of SOX, Knowledge of GDPR, Knowledge of HIPAA, Knowledge of PCI DSS, Knowledge of cybersecurity risk practices, Knowledge of cybersecurity risk practices applied to third-party ecosystems
Nice to Have
Master's degree is a plus, CRISC certification or equivalent is a plus, CISA certification or equivalent is a plus, CISSP certification or equivalent is a plus, ISO 270001 Lead Auditor certification or equivalent is a plus, SharePoint skills preferred, Other sharing platforms skills preferred
What You'll Do.
Serve as subject matter expert
Monitor compliance with cybersecurity requirements
Monitor compliance with privacy requirements
Monitor compliance with regulatory requirements
Conduct third-party risk assessments
Evaluate supplier security posture
Perform gap analysis against frameworks
Perform gap analysis against standards
Drive remediation with suppliers
Assess assessment design effectiveness
Monitor operating effectiveness of third-party controls
Track third-party risk treatment plans
Manage third-party risk treatment plans
Monitor third-party risk treatment plans
Track remediation plans
Manage remediation plans
Monitor remediation plans
Follow up with suppliers
Validate evidence from suppliers
Develop third-party risk management policies
Revise third-party risk management policies
Maintain third-party risk management policies
Develop third-party risk management standards
Revise third-party risk management standards
Maintain third-party risk management standards
Develop third-party risk management processes
Revise third-party risk management processes
Maintain third-party risk management processes
Develop third-party risk management guidelines
Revise third-party risk management guidelines
Maintain third-party risk management guidelines
Support third-party governance activities
Conduct onsite supplier audits
Report third-party cyber risk posture
Conduct cybersecurity research
Conduct regulatory research
Conduct supplier-related research
Support threat identification
Support risk mitigation activities
Communicate risk to stakeholders
Partner with procurement teams
Partner with legal teams
Partner with information security teams
Partner with business teams
Assess third-party cybersecurity risk
Implement third-party cybersecurity risk management
Monitor third-party cybersecurity risk management
Advise on third-party cyber risk considerations
Advise on due diligence expectations
Advise on standards compliance
How You'll Work.
Team & Collaboration
Internal procurement teams; Legal teams; Information security teams; Business teams; Procurement stakeholders; Legal stakeholders; Information security stakeholders; Business stakeholders; Technology stakeholders
Communication Scope
Executive-level communications; Business-relevant language
Full Job Description
**Our vision is to transform how the world uses information to enrich life for _all_. ** Micron Technology is a world leader in innovating memory and storage solutions that accelerate the transformation of information into intelligence, inspiring the world to learn, communicate and advance faster than ever. The Third‑Party Cybersecurity Risk Management (TPCRM) Analyst plays an integral part in the development, implementation, and monitoring of information risk management related to external suppliers. The analyst is responsible for identifying, assessing, monitoring, reporting, and auditing cybersecurity risks arising from third‑party relationships, with a focus on Information Security, Privacy, Regulatory Compliance, and Governance. **Responsibilities** * Serve as a subject matter expert to ensure and monitor compliance with industry and government cybersecurity, privacy, and regulatory requirements as they relate to third‑party relationships at the Enterprise/Region/Site level. * Conduct third‑party risk assessments to evaluate supplier security posture against organizational security, privacy, and resilience requirements. * Perform gap analysis against frameworks and standards such as ISO 27001, NIST, SOX, TISAX, and GDPR, and drive remediation with suppliers. * Assess assessment design effectiveness and continually monitor operating effectiveness of third‑party security and privacy controls. * Track, manage, and monitor third‑party risk treatment and remediation plans, including supplier follow‑ups and evidence validation. * Develop, revise, and maintain third‑party risk management policies, standards, processes, and guidelines through formal change management. * Support overall third‑party governance activities, to include conducting onsite supplier audits if needed, and report third‑party cyber risk posture against established enterprise risk metrics. * Conduct cybersecurity, regulatory, and supplier‑related research to support emerging third‑party threat iden
Applying for this Third-Party Cybersecurity Risk Management Analyst role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Micron Technology?
Real rants from real employees. Read before you apply.