Description
Position: Vendor IT Risk AssessorLocation: New York City (Midtown)
Contract: will turn Full-Time within 6 months
Rate: Open hourly, w2
Role
A top technology and business firm is seeking an IT Vendor Risk Management Consultant to join the IT Assurance and Security Controls (ITASC) team. The ITASC Team is part of the Information Security team reporting to the Chief Security Officer (CSO). The ITASC team plays an integral role in ensuring the confidentiality integrity and availability of information with an overall goal of enhancing the IT Governance, Risk and Compliance (GRC) function.
Responsibilities
- Evaluating third-party business partners to determine if such business partners meet security standards
- Conducting IT assurance assessments over software as service project implementations, developing a gap analysis and providing security requirements to mitigate identified risks using practical cost-effective controls; Understanding and applying InfoSec principles including confidentiality, integrity, and availability
- Providing security control implementation expertise and guidance over business initiatives to integrate strong security controls into projects
- Collaborating with appropriate Subject Matter Experts (SMEs) in the information security field to enhance the security posture and improve the IT Vendor Risk Management Program
This person must have experience in the complete life cycle of vendor assessment rather than passing it on to other groups or teams. Also, must be a fun and energetic individual who is able to think outside of the box on a regular basis.
Qualifications
- Strong understanding of information security and security control methodologies and concepts
- Bachelors Degree with a minimum of 4 to 6 years work experience in Information Security, GRC (Governance, Risk, and Compliance) and IT Vendor Risk Management
- Knowledgeable in the ISO framework
- Industry certifications including: CISSP, CISA, GSEC or related certifications (CEH, CRISC, CISM)
- Demonstrated ability in leading projects, creating, executing, and managing project plans with minimal supervision
- Strong communication
To find out more about Huxley Associates please visit www.huxley.com