Senior Vendor Risk Analyst
Company: Direct Staffing Inc
Location: San Francisco
Posted on: March 19, 2023
|
|
Job Description:
Coordinate with stakeholders to initiate, scope and plan
controls assessments of new and existing vendor engagements.
Perform assessments on-site at vendor locations or remotely via
conference calls Assess completed questionnaire and supporting
documentation to validate vendor appropriate implementation of
information security controls; analyze the information to identify
information security weaknesses or non-compliance with and industry
standards Produce detailed documentation of assessments and perform
threat analysis of gaps identified Communicate vendor information
security issues to stakeholders, ensuring their understanding of
associated risks and actions needed to remediate those risks
Validate evidence from vendors, before Remediation Plans are
closed. Escalate issues associated with vendors as needed to
management. Qualifications Demonstrate in-depth knowledge of
concepts, best practices and controls in a breadth of information
security areas/domains; these information security areas include
risk management, access control, cryptography, physical security,
security architecture and design, network security, application &
operations security and compliance/incident management Strong
technical and/or IT audit background and practical knowledge of a
wide variety of technologies which include server infrastructure &
operating systems, network & web infrastructures, database
architecture and intrusion detection/prevention systems Proficient
working knowledge within the following risk domains/technologies:
Database and application security, IDS/IPS technologies,
System/Access Administration, Firewall technologies, Network
Architecture, Security Event Logging & Monitoring , Key
Management/Tokenization, Database/Application/Network Layer Secure
Protocols, Physical and Environmental Security, Secure
Software/Code Development, Change Management, Vulnerability
Management. Self-starter with the ability to manage and prioritize
responsibilities through the effective use of time management
techniques Team player with proven skills in influencing people
without having direct management authority and motivating them to
successfully complete tasks within required timelines Strong
ability to interact and communicate both written and verbally with
people at all levels, both technical and non-technical, in a
dynamic environment where interactions are not always in person
Strong risk analysis and problem solving skills Must be flexible to
ensure assessments are performed by the mandated date and be able
to manage multiple assessments simultaneously - Additional
Experience/Requirements: Experience that is considered a strong
plus: performing information security assessments; providing
information security guidance to business stakeholders;
interpreting and applying information security policy and standards
IT Risk Management/Audit industry certification (such as CISSP,
CISA,CRISC, etc.) preferred. Additional Information All your
information will be kept confidential according to EEO
guidelines.
Direct Staffing Inc
Keywords: Direct Staffing Inc, San Francisco , Senior Vendor Risk Analyst, Professions , San Francisco, California
Click
here to apply!
|