CO Salary Range: USD 83,950.00 - 119,900.00 per year

Company Summary

DISH, an EchoStar company, has been reimagining the future of connectivity for more than 40 years. Our business reach spans satellite television service, live-streaming and on-demand programming, smart home installation services, mobile plans and products and now we are building America's First Smart Network™.

Today, our brands include EchoStar, Hughes, DISH TV, Sling TV, Boost Mobile and Gen Mobile.

Department Summary

Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our people play vital roles in connecting consumers with the products and platforms of tomorrow.

• Partner with Business Units to identify, analyze and mitigate third party security risk associated with outsourced activities and products
• Provide third party security consultation for new and ongoing third party relationships
• Consult on defining third party security policies and best practices
• Educate and build awareness of third party security requirements
• Improve compliance with security standards and policies across third parties used across the enterprise
• Participate in testing and monitoring of security and privacy controls executed by third parties interacting with DISH data
• Lead security enhancement projects focused on new or changing third party relationships
• Maintain an inventory of third parties who possess and/or interact with DISH data, including key risk information about the relationship, data attributes involved, and regulatory compliance
• Support completion of DISH's information security review process for all new third parties, and annual reviews for all other relationships that receive or interact with DISH data
• Monitor open third party security issues and remediation actions associated with security control gaps to ensure timely closure
• Ensure Third Party relationships are appropriately terminated
• Continuously work to improve the overall Third Party Risk Management Program
• Other responsibilities as assigned

• Bachelor's Degree and at least 3-5 years of directly related experience. Must have a solid understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT Compliance and Privacy regulations
• Experience working in Third Party Risk Management preferred
• Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security

• Solid working knowledge of information security concepts and controls
• Excellent project management skills, with the ability to work within deadlines, juggle multiple priorities, design project plans, and provide project updates
• Ability to work independently with little direction and/or supervision
• Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization
• Keen attention to detail with the ability to correct on the fly and work independently
• Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
• Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy and/or data security
• High-level interpersonal skills

• Professional certification (CISA, CSIM, CIA or similar) is a plus

• Experience working with contract documents is a plus