NetApp Analyst 

India, Karnataka, Bengaluru 

576745457

Duties and Responsibilities

• Ensures third parties are tracked and reviewed according to security standards within expected timelines

• Performs security reviews and identify security gaps resulting in remediations for the organization

• Engages with technical and business process owners to understand third party relationships and the services they will be providing to

• Reviews Master Service Agreements, End User Licensing Agreements and other contractual documents for appropriate security language as necessary

• Identifies security and continuity risks with third party relationships and escalates as appropriate to business and risk stakeholders

• Develops process documentation for completing third party reviews and assessments

• Defines and delivers appropriate GRC metrics, analytics, and scorecards; create monthly metric report

• Identifies opportunities for process automation through the use of analytics

• Interacts in both oral and written communications with all levels of technical and executive staff in matters related to third party security and continuity

• Works with Internal Audit and outside consultants as appropriate on required assessments and audits

• Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree.

• At least two (2) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology related industry and five (5) – seven (7) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required.

• Ability to demonstrate a strong understanding of various compliance and regulatory areas (e. g. DORA, GDPR, DFARS/NIST 800-171, ISO27001) or the risk register, risk exposure, risk reporting and handling of risk events.

• Excellent written and verbal communication skills.

• Strong analytical and problem-solving skills.

• Project management skills to plan, execute, and monitor initiatives.

• The ability to work well with people from many different disciplines with varying degrees of technical experience.

• Ability to stay current with emerging threats and industry trends to improve organization’s third party risk management posture

• Information security related training or certifications such as CISA, CISSP, or CRISC

• Experience performing information security audits or risk assessments

• Familiarity with Third Party Risk management processes