Vacancy caducado!
- Perform initial risk reviews on new vendor relationships based on services provided and potential risk areas identified.
- Work directly with the business to coordinate remediation efforts on issues identified during risk reviews.
- Work with the customer on performing self-assessments for existing vendors.
- Regular monitoring and reporting of vendor risks via dedicated dashboards and internal reporting.
- Coordinate periodic business reviews with key customers/departments.
- Work with the GRC team to ensure the annual functional goals are met.
- Obtain and maintain deep understanding of Infosec technologies, processes, capabilities, and services.
- Act as a liaison between Infosec, the rest of the Technology team, and business; develop and maintain strong relationship with key customer contact.
- Serve as a consultant and trusted advisor to the customer.
- Regularly update the Third-Party Risk Lead and Manager on status’ of open risk reviews and other projects.
- Bachelor's degree in computer science, information systems, business, or other related field; or equivalent work experience.
- 1-3 years of experience in a similar Analyst related position
- Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
- Ability to conduct assessments, including analyzing test data and rendering conclusions. Skill in using data mapping, analysis, and visualization tools. Skill in conducting assessments of technical systems. Skill in assessing security controls based on cybersecurity principles. Understands impact/risk assessments and root cause analysis.
- Ability to communicate complex information in a clear, concise and organized manner. Demonstrates skill in managing client relationships and expectations and demonstrating commitment to delivering quality results.
- Knowledge of risk management processes, cybersecurity and privacy principles, and cyber threats and vulnerabilities.
- Knowledge of information classification concepts. Knowledge of principles for managing risks related to handling of data and information.
- Ability to tailor technical and planning information to a customer’s level of understanding.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
- Knowledge of secure software deployment methodologies, tools, and practices, and application security risks.
Vacancy caducado!