Vacancy expired!
- Engage with internal vendor owners to determine initial third-party vendor risk ratings.
- Manage third-party vendor risk evaluation services.
- Communicate directly with third-party vendors.
- Perform third-party vendor security assessment activities including evaluation of vendor controls and practices, process enhancements, and reviewing independent audit service reports.
- Escalate outstanding risk items to management for acceptance or rejection.
- Communicate and track remediation plans with third-party vendors, business and technology partners, and where applicable, recommend mitigating/compensating controls.
- Maintain and present metrics on the vendor risk program to management.
- Continuously monitor third party vendor’s security posture and information security risk.
- Advise and guide business and technology partners regarding compensating control alternatives where security requirements cannot be met.
- 5+ years’ experience in an information security role
- 3+ years of IT compliance, IT controls, or risk management experience is desired
- Bachelor's degree in Computer Science or technology/information security-related field
- Experience with RiskRecon, CyberGRX and/or Coupa risk module is a plus
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Controls (CRISC) is a plus
- Understanding of ISO-27000 or NIST 800 based security program standards
- Knowledge of relevant legal and regulatory requirements, as well as privacy laws
- Knowledge of security risks pertaining to cloud (IaaS, SaaS, AaaS) offerings
- Quick learner with a desire to always learn combined with the ability to multi-task
- Attentive, organized, and detail oriented
- Excellent communication skills
- ID: #21958309
- State: Connecticut Greenwich 06830 Greenwich USA
- City: Greenwich
- Salary: $120,000 - $140,000
- Job type: Permanent
- Showed: 2021-10-31
- Deadline: 2021-12-23
- Category: Security