Cybersecurity and Third-Party Risk Manager
The Role
About Lord Abbett:
Founded in 1929, Lord Abbett is an independent firm with a singular focus on the management of money. Over the course of our history, we’ve earned a sterling reputation for our leadership, influence, and innovation in the asset management industry. Today, our independent perspective, our commitment to active management, and our intelligent product design continue to make us relevant to individual and institutional investors.
From the very beginning, we’ve recognized that our people are our greatest asset. As an investment-led, investor-focused firm, we value intellectual curiosity, teamwork, and collaboration across the organization.
We’re looking for people with a keen interest in working for a trusted leader in the asset management industry, a desire to expand their knowledge, and a passion for delivering a client experience that exceeds expectations.
Now that you know our history, are you ready to be part of our future?
Job Overview:
Lord Abbett is seeking a Risk Manager to support the Firm’s Information Security Program, specifically to Third-party Risk Management (TPRM) and Cybersecurity programs.
The role will be responsible for supporting the execution of the TPRM lifecycle to ensure vendor risk is managed consistently across security, operational resilience, financial and compliance dimensions as well as strengthening the Firm’s cybersecurity posture through policy and control oversight, control effectiveness validation, and collaboration of security initiatives.
This role requires close coordination across Enterprise Risk Management, Technology, Operations, Compliance, and business stakeholders to maintain an integrated and enterprise-wide resilience posture. The candidate must be capable of operating independently within a Second Line of Defense model while providing structured oversight, credible challenge, and actionable reporting. Responsibilities may intersect with strategic initiatives, regulatory change, digital transformation efforts, and new product or platform implementations. Strong critical thinking, writing, presenting, and stakeholder management skills are essential. Given the dynamic nature of this role, curiosity to learn about all portions of the business and high responsiveness to internal and external events are extremely important.
We’ll trust you to:
Third-Party risk management
- Execute the full TPRM lifecycle: onboarding, due diligence, risk assessment, monitoring, issue remediation, and offboarding.
- Perform vendor risk assessments across information security, operational resilience, financial, compliance, and third-party dependencies; document and risk-rate findings.
- Maintain vendor inventory and workflows within the TPRM/GRC platform; monitor changes in vendor risk posture.
- Manage vendor issues, including remediation tracking and incident escalation coordination.
- Develop reporting and dashboards to communicate vendor risk exposure, trends, and remediation status.
- Partner with Legal and business teams to align TPRM outcomes with contracting, SLAs, and governance; support training and accountability.
Cybersecurity governance & program management
- Provide independent oversight of the information security program, including policies, standards, and control ownership.
- Review and challenge the information security strategy for alignment with risk appetite, regulatory requirements, and emerging threats.
- Support program maturity and consistent control application; contribute to CISO and committee reporting.
- Review cybersecurity incidents, including root cause, remediation, and improvement actions.
- Support incident response planning and exercises.
- Translate technical findings into clear risk insights for technical and non-technical stakeholders.
- Assess control design and effectiveness across infrastructure, applications, cloud, and identity/access management; validate remediation.
- Maintain the cybersecurity risk register and track remediation of high-risk issues.
- Conduct control testing and independent assurance activities.
- Collaborate across Technology, Legal, Compliance, and business teams to embed security practices.
You'll need to have:
- Bachelor’s degree in information security, Computer Science, Risk Management, or related field preferred.
- 5+ years of experience in cybersecurity, technology risk, or risk assurance; financial services experience preferred.
- Hands-on experience in TPRM, including vendor lifecycle management.
- Experience assessing controls, supporting incident reviews, and providing risk oversight.
- Familiarity with frameworks such as NIST, ISO 27001, and SOC 2.
- Knowledge of vulnerability management, incident response, IAM, cloud security, and security monitoring tools.
- Experience with TPRM/GRC platforms preferred.
- Relevant certifications (e.g., CISSP, CISA, GIAC, Security+, CRVPM) are a plus.
- Strong analytical, communication, and stakeholder management skills.
- Ability to operate independently, manage priorities, and work across teams.
Why Lord Abbett?
Lord Abbett is a leading global independent, privately held investment management company. We are active managers and invest where we believe we have a repeatable edge and can deliver alpha for our clients. Our vision is to be the most respected asset manager in the world, admired for our people, our performance, our relationships, and our organizational agility. This inspires the three pillars of our culture.
- Principles-Based - We empower our leaders to create an environment of trust.
- Performance-Oriented - We inspire our people to embody our values, excellence, responsibility, transparency & collaboration.
- Purpose-Driven - We instill a passion for always putting our clients' interests first.
We were honored to be ranked #1 in Barron’s Best Fund Families for 2024 and to have earned recognition as one of the Best Places to Work in Money Management by Pensions & Investments for five consecutive years.
Compensation Information: Annual base salary for this role is $95,000 - $110,000. Salary is estimated for this role. Actual pay may be different.
Discretionary Bonus: Role may be eligible to receive an annual discretionary bonus. Discretionary bonuses are determined by several factors including, but not limited to, firm, team, and individual performance.
Benefits: Lord Abbett is committed to offering a competitive total rewards package to all eligible employees. Offerings include competitive total compensation, retirement plans, competitive health and well-being plans. To learn more about what we offer, please visit Careers | Lord Abbett
Lord Abbett is an equal employment opportunity employer. We are committed to providing equal employment opportunities to all qualified individuals without regard to the following legally protected characteristics: race, color, religion, sex, pregnancy, national origin, age, physical or mental disability, marital status, sexual orientation, sexual identity, caregiver status, military/veteran status, or any other characteristic protected by local, state or federal law. All employment decisions at Lord Abbett are based solely on the applicant’s relevant experience, skills and qualifications.
Important notice to Search Firms - Please Read CarefullyWithout prior written agreement, Lord Abbett does not accept unsolicited submissions from employment agencies, search firms, placement services, or any similar provider (“Search Firms”) for employment opportunities. All candidates submitted by Search Firms to any employee or partner at our company without a written Search Firm agreement in place will be deemed the sole property of our company. In such circumstances, no fee, commission, or other compensation will be paid to such Search Firm in the event a candidate is hired by our company. To the extent a Search Firm has a written agreement in place, all introductions are position specific and should be directed to HR or the hiring manager, so we kindly request no unsolicited phone calls or emails.
