Key skills
CloudCyber SecurityIdentity ManagementSaaSFirewall
About this role
Role Overview
- assessing the information security posture of key clients’ third parties and coordinating the overall execution and delivery of assessments
- leading the effort to identify key risks and information security gaps
- Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
- Performing site visits to third-party facilities
- Evaluating the effectiveness of security controls for compliance with applicable policies, security laws, and regulations
- Assessing cloud technologies such as Software as a Service (SaaS) hosted applications, Platform as a Service (PaaS), and Infrastructure as a Service deployments (IaaS)
- Documenting information security risk and compliance findings and recommendations for remediation
- Perform quality assurance and review of assessments performed by other team members
- Delivering high quality, thorough reports
- Coordinating the schedules and assessments for key third party clients and overseeing all key deliverables
Requirements
- Bachelor's Degree
- Information Technology and/or Cybersecurity background and/or experience, including 2-4 years IT experience with network, platform, and/or application technology
- Willingness to obtain the Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Third Party Risk Assessor (CTPRA) designations
- Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web
- Working knowledge of at least one compliance framework, such as SOC2, ISO 27001, NIST, HIPAA
- Experience managing multiple projects, in a fast-paced environment
- Proven ability to learn new technologies and systems, especially through independent research and self-study
- Ability to communicate technical information verbally and through written documentation
- Ability to manage project schedules and client expectations
- Ability to travel domestically an average of 20%-50% per year
Tech Stack
- Cloud
- Cyber Security
Benefits
- comprehensive total rewards package