The 3rd Party Security Risk Assessor, will be performing security assessments of vendors, service providers and 3rd party companies that manage systems or information for Company.
- Review services provided by vendor and define scope of assessment based on SIG / AUP
- Perform security assessments or work with 3rd party provider who will be performing the review
- Define appropriate risk levels and corrective actions
- Report on assessment outcomes, risk level and associated recommendations
- Input corrective action plans into system
- Follow up on corrective action plans and review evidence for closure
- Provide metrics on a regular basis (KPI / KRI)
- Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure.
Required Candidate profileQualifications:
- Bachelor of Computer Science degree from an accredited college or university, or equivalent work experience.
- Minimum 7 years professional work experience in Information Security or an IT Auditor role., including a minimum of 2 years in an Vendor or Third Party Risk Assessment role.
- Strong written/verbal communication skills and organizational and work documentation proficiency.
- Good communicator with demonstrated ability to pass messages in a clear and concise manner.
- Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict deadlines.
- Ability to coordinate actions from several different teams.
- Experience performing IT audits or IT security risk assessments.
- CISSP, CISM or CISA certification
Salary: Not Disclosed by Recruiter
Industry:Banking / Financial Services / Broking
Functional Area:IT Software - Network Administration, Security
Desired Candidate Profile
Doctorate:Doctorate Not Required
RiverForest Connections Private Limited