At Trane TechnologiesTM (https://www.tranetechnologies.com) and through our businesses including Trane® (https://www.trane.com) and Thermo King® (https://www.Thermoking.com) , we create innovative climate solutions for buildings, homes, and transportation that challenge what’s possible for a sustainable world. We're a team that dares to look at the world's challenges and see impactful possibilities. We believe in a better future when we uplift others and enable our people to thrive at work and at home. We boldly go.

As part of the Cybersecurity Governance, Risk, and Compliance (GRC) team, the Senior Analyst, Cybersecurity Supply Chain Risk Management will play an integral role in identifying, evaluating, and reporting on cybersecurity risks on suppliers and other key third parties in a manner that allows Trane Technologies to manage identified risks and meet regulatory and compliance requirements. This role reports to the Senior Manager, Cybersecurity Risk Management. The ideal candidate for this role has both the technical expertise and leadership skills to influence and seamlessly collaborate across multiple stakeholder groups.

Thrive at work and at home:

• Benefits kick in on DAY ONE for you and your family, including health insurance and holistic wellness programs that include generous incentives – WE DARE TO CARE !

• Family building benefits include fertility coverage and adoption/surrogacy assistance.

• 401K match up to 6%, plus an additional 2% core contribution = up to 8% company contribution.

• Paid time off, including in support of volunteer and parental leave needs.

• Educational and training opportunities through company programs along with tuition assistance and student debt support .

• Learn more about our benefits here (https://careers.tranetechnologies.com/global/en/benefits) !

This is a Remote position.

Responsibilities:

• Conduct cybersecurity risk assessments of suppliers utilizing Trane Technologies’ supply chain risk management framework, including:

• Review of inherent risk profiles.

• Review of detailed security assessments and evidence.

• Generation of assessment reports focused on key risks and control health.

• Document and report on identified supplier risks associated with Trane Technologies’ business, products, systems and information assets.

• Work closely with key stakeholders on identifying adequate risk reduction measures where required, and collaborating with technical SMEs as needed.

• Coordinate with internal stakeholders such as Sourcing and Legal on assessment results and mitigation strategies.

• Performs ongoing monitoring activities to ensure suppliers maintain appropriate security posture throughout the duration of engagement.

• Reports on key risk indicators and metrics regarding supplier risk assessments.

• Serve as a cybersecurity risk liaison to advise other IT and cybersecurity team members.

• Continuously identify and implement improvements to the supply chain cybersecurity risk management framework in collaboration with the Senior Manager, Cybersecurity Risk Management.

• Assist with implementing the supply chain cybersecurity risk management process in a GRC solution.

Qualifications:

• Bachelor’s degree in a related field preferred, and/or a minimum of 5-7 years of equivalent experience in Cybersecurity, IT Audit/Governance/Risk/Compliance, or similar role(s).

• Solid technical understanding of cybersecurity concepts, standards, guidelines and principles, particularly with regards to cloud providers and Software as A Service (SaaS).

• Effective project management and organizational skills, including managing multiple, concurrent projects and tasks.

• Familiarity with multiple regulatory frameworks and controls such as ISO 27001, NIST-CSF and/or 800-53; SSAE 18/SOC2.

• Strong critical thinking and analytical skills with the ability to apply technical requirements to operational/business controls and requirements.

• Excellent interpersonal skills and ability to create collaborative relationships with colleagues across various groups and levels, and influence without authority.

• Demonstrated leadership skills with ability to communicate effectively and work independently, both as part of and leading a team.

• At least one of the following certifications preferred: CISM, CISSP, CISA, CRISC.

• Travel: 5-10%

Base Pay Range: $115,000 to $150,000.

Additional Compensation: Total compensation for this role also will include an incentive plan.

Disclaimer: This "range" could be a result of seniority, merit, geographic location where the work is performed, education, experience, travel requirements for the job, or because of a system the employer uses to measure earnings by quantity or quality of production (so, for example, positions that may not have traditional salary ranges).

*Benefits vary by region, business alignment, union involvement and employee status.

We offer competitive compensation and comprehensive benefits and programs. We are an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.

#LI-Remote