Location New York - 225 Liberty Street, Suite 4301 (BP) Business At Brookfield Properties, our global network and relationships are here for our tenants and partners — wherever they are in the world. Where going to work never feels routine. We integrate commercial real estate with world-class shops, restaurants, and entertainment, creating spaces where work and play don’t just coexist, but thrive. If you’re ready to be a part of our team, we encourage you to apply. Job Description We Are Brookfield Properties: We are seeking an IT Manager, Third-Party Risk to join the Brookfield Properties U.S. Office Division in New York, NY. In this role, you will play a key part in inspiring change and continual improvement. If you are committed to excellence and ready to contribute to a dynamic culture, we would love to meet you. The IT Manager, Third-Party Risk will join our Information Security team. Reporting directly to the Director of IT GRC, this pivotal role will oversee the operational and strategic aspects of our third-party cyber risk program. We seek a self-driven leader with a passion for process improvement and the ability to serve as a subject matter expert in vendor and compliance risk management. Role & Responsibilities: + Independently conduct thorough third-party information security risk assessments, due diligence, and ongoing oversight of third-party services to ensure compliance and security + Collaborate with third parties and internal partners to develop and implement corrective action plans, mitigating and resolving third-party risks effectively + Play a vital role in shaping the department's overall strategy, processes, and approaches, demonstrating strong expertise in cybersecurity and compliance + Collaborate seamlessly with leadership, multiple internal organizations, external parties, legal, compliance, IT, and business units to leverage relationships, address priority issues, proactively identify, and promptly mitigate risks associated with third-party engagements + Drive process innovation, including activities like automation, and lead initiatives to enhance the efficiency, effectiveness, and operational capabilities of the third-party risk management program + Establish and maintain a comprehensive third-party risk register to address potential vulnerabilities across significant risk areas + Review contractual agreements to ensure proper provisions are included to protect company data in third-party engagements + Administer program procedures, tools, and related support materials to maintain consistent and effective risk management practices Your Qualifications: + Bachelor's degree in Business, Computer Science, Information Technology, or related field. Related certifications (e.g., CISA, CISSP, CRISC) will be helpful + 7+ years of combined IT and experience in third-party risk management in a global company + Professional information security experience, including conducting comprehensive third-party risk assessments + Act as a subject matter expert on third-party risk management, providing guidance and training to internal stakeholders + Strong knowledge in understanding and ability to review and analyze SOC reports + Strong knowledge of industry standards and regulations, including ISO 27001, NIST, GDPR, PCI, SOX, and other data/privacy regulations and standards + Strong understanding and practical experience in implementing risk management frameworks. This includes a comprehensive grasp of the risk management cycle, covering areas such as vulnerabilities, threats, and controls, enabling practical evaluation and mitigation of third-party risks + Extensive knowledge of data security, access control systems, and related matters + Ability to deliver regular reports and updates to senior management on the status of third-party risk management efforts, including establishing KPIs and metrics to gauge program effectiveness + Detail-oriented with excellent analytical, problem-solving, and organizational skills, coupled with strong communication abilities (both written and verbal) + Proven ability to work independently and in a team environment + Ability to coordinate and perform multiple tasks/projects simultaneously, balancing priorities and deliverables + Experience with the OneTrust third-party risk management module is a plus + Knowledge of PowerBI is a plus + Additionally, may be required to perform other duties as assigned Compensation: Salary Type: Non-exempt Pay Frequency: Bi-weekly Annual Base Salary Range: $105,000-$135,000 We are proud to create a diverse environment and are proud to be an equal opportunity employer. We are grateful for your interest in this position, however, only candidates selected for pre-screening will be contacted. #BPUS At Brookfield Properties, our success starts with our people. People like you. We develop, operate, and manage more than 1100 properties and 390 million square feet of real estate across the globe. It’s a feat that wouldn’t be possible without our team, a diverse group of creative visionaries and innovative experts who are relentless in pursuit of one goal: to ensure our buildings don’t simply meet the needs of our tenants, residents, and communities — but exceed them, every day.