מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר
Duties and Responsibilities
Ensures third parties are tracked and reviewed according to security standards within expected timelines
Performs security reviews and identify security gaps resulting in remediations for the organization
Engages with technical and business process owners to understand third party relationships and the services they will be providing to
Reviews Master Service Agreements, End User Licensing Agreements and other contractual documents for appropriate security language as necessary
Identifies security and continuity risks with third party relationships and escalates as appropriate to business and risk stakeholders
Develops process documentation for completing third party reviews and assessments
Defines and delivers appropriate GRC metrics, analytics, and scorecards; create monthly metric report
Identifies opportunities for process automation through the use of analytics
Interacts in both oral and written communications with all levels of technical and executive staff in matters related to third party security and continuity
Works with Internal Audit and outside consultants as appropriate on required assessments and audits
Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree.
At least two (2) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology related industry and five (5) – seven (7) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required.
Ability to demonstrate a strong understanding of various compliance and regulatory areas (e. g. DORA, GDPR, DFARS/NIST 800-171, ISO27001) or the risk register, risk exposure, risk reporting and handling of risk events.
Excellent written and verbal communication skills.
Strong analytical and problem-solving skills.
Project management skills to plan, execute, and monitor initiatives.
The ability to work well with people from many different disciplines with varying degrees of technical experience.
Ability to stay current with emerging threats and industry trends to improve organization’s third party risk management posture
Information security related training or certifications such as CISA, CISSP, or CRISC
Experience performing information security audits or risk assessments
Familiarity with Third Party Risk management processes
Did you know...
If you want to help us build knowledge and solve big problems, let's talk.
משרות נוספות שיכולות לעניין אותך