Vacancy expired!
Position Type : Full time Type Of Hire : Experienced (relevant combo of work and education) Education Desired : Bachelor of Computer Science Travel Percentage : 25 - 50%
Job DescriptionAre you curious, motivated, and forward-thinking? At FIS you'll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.About the team:The FIS Risk, Information Security, and Compliance (RISC) team is responsible for ensuring that our products, our technology, our processes, vendors, and clients meet industry standards for security, compliance, and the protection of sensitive data. Our team works domestically and globally to assess and mitigate the risks that can exist across our organization. Celebrating 50 years of top performance in the FINTECH industry has provided us many opportunities for risk mitigation because after all - " Success always requires a certain amount of RISC. "What you will be doing: You will be a key part of the Vendor Risk Management - Critical Relationship Management Team. Our primary responsibility is to perform enhanced security focused risk assessments of our most critical third-party relationships. You will be a key part of the team, with responsibility to perform some of the most critical assessments within the team.Main duties and responsibilities :- Support the end-to-end critical relationship management program which includes managing business, security, compliance, and contractual risks associated with working with third-parties.
- Coordinate the distribution of due diligence questionnaires to the vendors, review submitted questionnaires for completeness, ensure appropriate stakeholders finalize reviews and determine overall risk remediation strategy for issue tracking.
- Partner with the business stakeholders, third-party vendors and subject matter experts (security, compliance, legal, etc.) to ensure program and processes are successfully executed.
- As required, support pre- and post-contract vendor due diligence efforts including security risk triage, administration of appropriate security assessments, and issue management/remediation and escalation.
- Manage a consistently growing continuous monitoring portfolio of vendors to help achieve the objective of maintaining visibility into the risk landscape of the organization's most critical third parties.
- Identify, prioritize and pursue opportunities to enhance the CRM processes.
- Contribute to the development of detailed procedural documents and ensure alignment of CRM with applicable regulatory requirements globally.
- A minimum of 3 years of work relevant risk management experience with at least 2+ years in security.
- Exceptional interpersonal, team building, mentoring, and leadership skills with a demonstrated ability to gain the confidence and respect of senior level executives
- Good understanding of security risk management, integration with enterprise risk management, and the integration with business strategy
- Knowledge of and experience with GRC platforms such as ServiceNow and/or Archer would be very beneficial
- knowledge of security and compliance control frameworks of NIST, CIS, SOX, SOC, GDPR, ISO, COBIT
- Experience performing business analysis, documenting requirements, and implementing solutions on industry-standard information governance
- Assist in the development of actionable reporting and KPIs.
- Support the design, implementation, maintenance, and enforcement of third-party security risk management policies, procedures, and controls
- Oversee the execution of critical relationship management program in client engagements
- Provide oversight in the development and execution of third-party security risk assessment criteria
- Lead new initiatives to continue to expand and improve the overarching CRM program and work with senior stakeholders to promote value and continued awareness
- Self-starter with attention to detail and ability to manage multiple projects, delivering timely, exceptional, and complete projects.
- Hands on experience with regulatory or authoritative regulatory source control libraries for the development of information security policies
- Effective verbal and written communication skills with the ability to take complex information and present to all levels of management, staff, clients and vendors.
- The ability to translate technical language into business terms
- Demonstrated experience in supporting corporate programs
- Demonstrated experience building process and training documentation for information security policy stakeholders
- Experience across Information Security and IT domains such as Governance, Risk, and Compliance, IT operations, incident response, identity and access management, penetration testing, vulnerability scanning, e-discovery & forensics, application development, infrastructure, technical support, or business continuity
- A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities
- The chance to work on some of the most challenging, relevant issues in financial services & technology
- A work environment built on collaboration, flexibility and respect
- ID: #41309217
- State: Florida Intercessioncity 33848 Intercessioncity USA
- City: Intercessioncity
- Salary: USD TBD TBD
- Job type: Permanent
- Showed: 2022-05-21
- Deadline: 2022-07-19
- Category: Internet engineering