3rd Party Security Risk Assessment Consultant
$$$Great Daily Rate w2
Jersey City, NJ
A Contract position at One of the largest international banking networks with strong positions in Asia and a significant presence in the United States..
Pay Options: w2
Contact Maxim call (646) 876-9538 / (212) 616-4800 ext.190 or email email@example.com with the Job Code MN30523 or Click the Apply Now button (Sorry, NO IC - Self Incorporated or 3rd Party (Subcontract) or 1099 for this position!).
Location: Jersey City.
Skills required for the position: Information Security, SIG, AUP, HIPEROS, VENDOR MANAGEMENT, CISSP.
Detailed Info: to review services provided by vendor and define scope of assessment based on SIG questionnaire / AUP controls. Perform remote security assessments via WebEx or a select few onsite assessments in the New York area. Review Assessments performed by 3rd party provider or our team in India. Define appropriate risk levels and corrective actions. Report on assessment outcomes, risk level and associated recommendations. Input corrective action plans into system. Follow up on corrective action plans and review evidence for closure. Provide metrics on a regular basis (KPI / KRI) Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure.
Development/Computing Environment: Bachelor of Computer Science degree from an accredited college or university, or equivalent work experience. Minimum 5 years professional work experience, including a minimum of 2 years in an Information Security role or an IT Auditor role. Strong written/verbal communication skills, and organizational and work documentation proficiency. Good communicator with demonstrated ability to pass messages in a clear and concise manner. Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict deadlines. Ability to coordinate actions from several different teams. Experience performing IT audits or IT security risk assessments. Experience with Standardized Information Gathering (SIG) questionnaire and Agreed Upon Procedures (AUP) or other vendor assessment questionnaire / controls preferred. Experience with Hiperos or other vendor management / GRC tool (Archer, MetricStream, Process Unity). CISSP, CISM or CISA certification
The position offers competitive rate.
Job Id: 30523