Third Party Information Security Risk Assessor
What we’ll bring:
- A work environment that encourages collaboration and innovation. We consistently explore new technologies and tools to be agile.
- Flexible time off, workplace flexibility, an environment that welcomes continued professional growth through support of tuition reimbursement, conferences and seminars.
- Our culture encourages our people to hone current skills and build new capabilities, while discovering their genius.
What we’d like to see:
- Information security certification (CISSP, CISA, CISA, Security+, CCSK, CCSP or similar).
- Cloud security or hands-on experience with Amazon AWS and Microsoft Azure.
Impact you’ll make:
- You’ll lead and perform complex risks assessments, applying critical thinking, creativity, and investigative skills to act as a threat hunter reviewing third parties.
- You’ll challenge security control design at third parties that use the latest information technology, from cloud to big data analytics.
- You’ll bring knowledge of the latest information security trends, apply them to risk analysis, and incorporate them into the team’s risk assessment methodology.
- You’ll promote a risk-aware culture with effective risk and compliance management practices.
- You’ll collaborate across all levels of the organization and with executives at third parties to treat risk.
What you’ll bring:
- Experience in risk assessments and audits.
- Detailed knowledge of several information security domains, for example, access management, application security, network security, cryptography, physical security, or regulatory/compliance.
- Bachelor’s degree in computer science, management systems or related field.
- Previous experience with industry frameworks and standards, for example NIST 800-53, PCI, and ISO 27001-27002.
- Strong attention to detail and problem-solving skills.
- Ability to travel up to 20% of time.