Third Party Cybersecurity Risk Management Lead

Date: Jul 19, 2022

Location: Nashville, TN, US, 37228

Company: A. O. Smith Corporation

Company / Location Information

Water technology is one of the fastest-growing industries in the world. As a leading global water technology company, A. O. Smith Corporation (NYSE: AOS) is at the center of the trend. We are a $3.5 billion company with over 140 years of history and 13,000+ employees. Our emphasis is on hot water and clean water; we are one of the world’s largest manufacturers of residential and commercial water heating equipment as well as a supplier of water purification products in a number of emerging countries.

With manufacturing operations in the United States, Canada, Mexico, China, India, and Europe, we have the reach to serve customers worldwide.


A.O. Smith is committed to continuous improvement and maintaining a culture that values and respects our employees.  Recognized by The Tennessean as one of the top Nashville area Workplaces, we have programs in place to help our team members achieve their potential. When you join our team, you will receive rewards and recognition for your contributions, training and professional development opportunities, as well as a variety of benefits to support you and your family's health, well-being, and financial future. If you are inspired to learn, take risks, and succeed as a team, you can build an amazing career at A. O. Smith.


This role is located in our modern Nashville Metro Center office, just minutes from downtown with easy interstate access and free parking. This role can be hybrid with 3 days a week in the office after an initial 90-day period. Fully remote work is not an option at this time.

Primary Function

As a Third-Party Cybersecurity Risk Management Lead, you will work with all levels of leadership within IT and other business areas (e.g., supply chain, procurement, and legal) to assess, track mitigations for, and monitor A.O. Smith's third-party cybersecurity risk. To ensure success in this position, you should possess extensive working knowledge of cybersecurity risk management processes, tools, dependencies, and integrations. Our ideal candidate thrives in collaborative team environments, has strong leadership skills, is comfortable interacting with staff who have varying degrees of technical knowledge, has strong problem-solving skills with a drive to understand how things work, and isn’t afraid to ask questions.



  1. Managing the strategy for the Third Party Risk Management Program
  2. Excellent technical and business knowledge of enterprise cybersecurity third-party risk management
  3. Provide business value to A.O. Smith through the execution of third-party cybersecurity assessments, risk mitigation tracking, and monitoring
  4. Use and recommend tools or automation to improve the customer experience of interacting with cybersecurity risk management
  5. Develop, select, and maintain tools and educate leadership on the third-party cybersecurity current and desired future conditions
  6. Develop metrics for reporting the program status, progress, and areas that need improvement to management
  7. Responsible for managing Information Security Governance, Risk & Compliance process to implement our security policies, standards, and controls at a global level
  8. Lead and manage significant security related projects
  9. Represent the cyber security function in multiple forums
  10. Provide input and recommendations on cybersecurity policy, risk, and overall security best practice


  • Ability to travel domestically and globally
  • Working knowledge of Third Party Risk Management tools
  • Strong organizational skills and attention to detail
  • Excellent written and verbal communication skills
  • Ability to deal tactfully and diplomatically with others
  • Flexibility to handle multiple priorities, sometimes simultaneously, under deadline pressure
  • Security certifications/accreditations, including CISM, CISSP, and GIAC, are preferred


Bachelor's Degree in Information Technology Management

Years of Experience

Minimum of 5 years related work experience

We Offer

Competitive compensation package and comprehensive benefits plans which include medical and dental insurance, company-sponsored life insurance, retirement security savings plan, short- and long-term disability programs and tuition assistance.
