Third Party Information Security Consultant

Bank Of America
Washington, DC
23 Nov 2024

Vacancy expired!

Job Description:

The role will be responsible for coordination, conducting and providing cyber security assessment results on information security and business continuity of a Partner Vender. Coordinates and performs yearly assessments on vender provided documentation on information and network security activities, processes and procedures to ensure compliance. Investigates, reviews, and determines assessment findings/gaps as a result of an in-depth assessment of documents relevant to compliance with Industry standards, corporate regulations and risk framework. Develops and maintains assessment findings, documentation, and relevant metrics to ensure appropriate risks are documented, communication and monitored. Assists in the development of reports and metrics to effectively communication to senior leadership the associated risk around the assessment findings. Understanding and the ability to implementation of Enterprise Governance, Risk Management, Compliance framework.

Responsibilities

•Coordinate, conducting and manage cyber security risk and assessment results on information security and business continuity around information and network technology.

•Identifying and escalating risks that may affect third party information security policies, standards, and procedures that do not meet corporate requirements

•Responsible for monitoring, reporting, and support to global teams and Front Line Units (FLU)/Lines of Business (LOB) for Third Party Information Security Partner assessments, risks, and finding statuses.

•Managing, building and maintaining positive internal/external relationships and routines with the global team (Third Party Assessment Team, Enterprise Vendor Managers, Third Party Portfolio Executives and Business Information Security Officers (BISOs) and externally with third party vendors)

•Provides input, views and direction for third party governance of related scenario analysis, reporting statuses and risk management activities

•Manage and maintain compliance risk findings/ gap documentation to communication to Senior leaders the appropriate risk as a result of the assessment

•Provide related support for audit, compliance or regulatory requests by associated quick turnaround deadlines on occasion.

•Supporting global Governance and Third Party assessment management teams and FLU/LOB in the review, approval and governance and reporting of outstanding issues requiring extended remediation, risk acceptance or priority risk downgrade

•Contribution or leadership of global Governance program initiatives

Core skills

•Ability to foster strong working relationships with personnel at all levels of the organization as well as external to the company

•Strong understanding of information technology to include but not limited to: infrastructure hardware, network systems, access and password management, application security, and security measures in a large global organization

•Ability to communicate Technical Information Security and Information Technology in layman's terms as well as the technical details as needed.

•Ability to follow established process and procedure within a tight timeline

•Understanding of Enterprise Governance, Risk Management, Compliance

•Detail oriented with the ability to manage multiple/large volume assessments/audit/projects at one time

•Ability to manage multiple assessments/ projects/program at one time with tight timelines

•Thorough attention to detail and analytical thinking with excellent organizational skill

•Ability to manipulate data from various systems of record to provide reporting dashboards, metrics and scenario analytical views with timely updates

•Previous assessment/audit or project/program management experience

•At least 5 years' experience in an information technology, security audit or information security or risk management areas

•Desire to understand and learn Information Security (IS) and obtain IS certifications in the future as part of the responsibility if not already obtained

•Ability to adapt to change and help initiate change in an evolving industry and working within a team environment

Job Band:H5

Shift:1st shift (United States of America)

Hours Per Week:40

Weekly Schedule:

Referral Bonus Amount:0 >

Job Description:

The role will be responsible for coordination, conducting and providing cyber security assessment results on information security and business continuity of a Partner Vender. Coordinates and performs yearly assessments on vender provided documentation on information and network security activities, processes and procedures to ensure compliance. Investigates, reviews, and determines assessment findings/gaps as a result of an in-depth assessment of documents relevant to compliance with Industry standards, corporate regulations and risk framework. Develops and maintains assessment findings, documentation, and relevant metrics to ensure appropriate risks are documented, communication and monitored. Assists in the development of reports and metrics to effectively communication to senior leadership the associated risk around the assessment findings. Understanding and the ability to implementation of Enterprise Governance, Risk Management, Compliance framework.

Responsibilities

•Coordinate, conducting and manage cyber security risk and assessment results on information security and business continuity around information and network technology.

•Identifying and escalating risks that may affect third party information security policies, standards, and procedures that do not meet corporate requirements

•Responsible for monitoring, reporting, and support to global teams and Front Line Units (FLU)/Lines of Business (LOB) for Third Party Information Security Partner assessments, risks, and finding statuses.

•Managing, building and maintaining positive internal/external relationships and routines with the global team (Third Party Assessment Team, Enterprise Vendor Managers, Third Party Portfolio Executives and Business Information Security Officers (BISOs) and externally with third party vendors)

•Provides input, views and direction for third party governance of related scenario analysis, reporting statuses and risk management activities

•Manage and maintain compliance risk findings/ gap documentation to communication to Senior leaders the appropriate risk as a result of the assessment

•Provide related support for audit, compliance or regulatory requests by associated quick turnaround deadlines on occasion.

•Supporting global Governance and Third Party assessment management teams and FLU/LOB in the review, approval and governance and reporting of outstanding issues requiring extended remediation, risk acceptance or priority risk downgrade

•Contribution or leadership of global Governance program initiatives

Core skills

•Ability to foster strong working relationships with personnel at all levels of the organization as well as external to the company

•Strong understanding of information technology to include but not limited to: infrastructure hardware, network systems, access and password management, application security, and security measures in a large global organization

•Ability to communicate Technical Information Security and Information Technology in layman's terms as well as the technical details as needed.

•Ability to follow established process and procedure within a tight timeline

•Understanding of Enterprise Governance, Risk Management, Compliance

•Detail oriented with the ability to manage multiple/large volume assessments/audit/projects at one time

•Ability to manage multiple assessments/ projects/program at one time with tight timelines

•Thorough attention to detail and analytical thinking with excellent organizational skill

•Ability to manipulate data from various systems of record to provide reporting dashboards, metrics and scenario analytical views with timely updates

•Previous assessment/audit or project/program management experience

•At least 5 years' experience in an information technology, security audit or information security or risk management areas

•Desire to understand and learn Information Security (IS) and obtain IS certifications in the future as part of the responsibility if not already obtained

•Ability to adapt to change and help initiate change in an evolving industry and working within a team environment

Job Band:H5

Shift:1st shift (United States of America)

Hours Per Week:40

Weekly Schedule:

Referral Bonus Amount:0

Job Description:

The role will be responsible for coordination, conducting and providing cyber security assessment results on information security and business continuity of a Partner Vender. Coordinates and performs yearly assessments on vender provided documentation on information and network security activities, processes and procedures to ensure compliance. Investigates, reviews, and determines assessment findings/gaps as a result of an in-depth assessment of documents relevant to compliance with Industry standards, corporate regulations and risk framework. Develops and maintains assessment findings, documentation, and relevant metrics to ensure appropriate risks are documented, communication and monitored. Assists in the development of reports and metrics to effectively communication to senior leadership the associated risk around the assessment findings. Understanding and the ability to implementation of Enterprise Governance, Risk Management, Compliance framework.

Responsibilities

•Coordinate, conducting and manage cyber security risk and assessment results on information security and business continuity around information and network technology.

•Identifying and escalating risks that may affect third party information security policies, standards, and procedures that do not meet corporate requirements

•Responsible for monitoring, reporting, and support to global teams and Front Line Units (FLU)/Lines of Business (LOB) for Third Party Information Security Partner assessments, risks, and finding statuses.

•Managing, building and maintaining positive internal/external relationships and routines with the global team (Third Party Assessment Team, Enterprise Vendor Managers, Third Party Portfolio Executives and Business Information Security Officers (BISOs) and externally with third party vendors)

•Provides input, views and direction for third party governance of related scenario analysis, reporting statuses and risk management activities

•Manage and maintain compliance risk findings/ gap documentation to communication to Senior leaders the appropriate risk as a result of the assessment

•Provide related support for audit, compliance or regulatory requests by associated quick turnaround deadlines on occasion.

•Supporting global Governance and Third Party assessment management teams and FLU/LOB in the review, approval and governance and reporting of outstanding issues requiring extended remediation, risk acceptance or priority risk downgrade

•Contribution or leadership of global Governance program initiatives

Core skills

•Ability to foster strong working relationships with personnel at all levels of the organization as well as external to the company

•Strong understanding of information technology to include but not limited to: infrastructure hardware, network systems, access and password management, application security, and security measures in a large global organization

•Ability to communicate Technical Information Security and Information Technology in layman's terms as well as the technical details as needed.

•Ability to follow established process and procedure within a tight timeline

•Understanding of Enterprise Governance, Risk Management, Compliance

•Detail oriented with the ability to manage multiple/large volume assessments/audit/projects at one time

•Ability to manage multiple assessments/ projects/program at one time with tight timelines

•Thorough attention to detail and analytical thinking with excellent organizational skill

•Ability to manipulate data from various systems of record to provide reporting dashboards, metrics and scenario analytical views with timely updates

•Previous assessment/audit or project/program management experience

•At least 5 years' experience in an information technology, security audit or information security or risk management areas

•Desire to understand and learn Information Security (IS) and obtain IS certifications in the future as part of the responsibility if not already obtained

•Ability to adapt to change and help initiate change in an evolving industry and working within a team environment

Shift:1st shift (United States of America)

Hours Per Week:40

Learn more about this role
  • ID: #23298061
  • State: District of Columbia Washington 20001 Washington USA
  • City: Washington
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2021-11-23
  • Deadline: 2022-01-21
  • Category: Security