Safeguarding the organization's assets and ensuring operational resilience by identifying and assessing potential Cyber Risks of all incoming vendors, third parties, services, and technology
Collaborate with cross-functional teams and third-party vendors to request, collect, and analyze pertinent information and collateral
Conduct technology risk assessments across new and existing applications
Ensure comprehensive documentation is maintained for all approved and denied exceptions
Collect, process, and interpret multiple sources of data to model Cyber Risk scenarios and translate findings into measurable business risk statements
Track risk plan milestones and drive issue management
Develop mitigation strategies, recommend strategies to reduce, transfer, or avoid Cyber Risks
Perform security assessments of new and existing third-party vendors and service providers
Utilize and manage the corporate GRC platform and risk management tools to streamline risk workflows
Respond to customer, partner, or compliance questionnaires related to product security
Gather evidence and documentation required for internal and external security audits
Requirements
5+ years of relevant experience in Information Security, IT Risk Management, IT Audit, or GRC, with a heavy focus on technology risk
Deep working knowledge of key GRC concepts, risk assessment methodologies, and industry frameworks (e.g., NIST SP 800-53/CSF, ISO 27001)
Proven, hands-on experience using and configuring modern GRC platforms for risk management, policy management, and compliance automation. Experience in configuring and using tools such as Archer, ServiceNow, MetricStream or Vanta preferred
Experience with IT and Security tools, SaaS / other Cloud technologies and/or software development
Certifications: CRISC, CISM, CISA, or similar recognized security and risk management certifications
Bachelor’s degree in computer science, Information Security, or a related field
Must be a US Citizen.
Tech Stack
Cloud
ServiceNow
Benefits
Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies