| Need GRC or TPRM (Third Party Risk Manmagement )Sr. Systems Security Analyst in 100% Remote at Remote, Remote, USA |
| Email: [email protected] |
| From: John Papatla, siri info solutions.inc [email protected] Reply to: [email protected] Rate: $50/hr on C2C Hello, Hope you are doing well!! Greeting from Siri Info Solutions. I am John with Siri Info Solutions. We Siri Info Solutions is a global staff augmentation firm providing a wide-range of talent on-demand and total workforce solutions. We have an immediate opening for the below position with one of our premium clients Role: GRC/TPRM(Third Party Risk Management) Sr. Systems Security Analyst Location: Remote - work EST hours (EST or CST) Contract:6+ Months Background: This role is pure Third Party Risk Management (TPRM) for infosec/cybersecurity/risk assessments. We are not looking for a TPRM generalist, but rather a TPRM specifically for information security/cyber security to make sure they are complying with regulations and best practices. Overview : This person will assess risk posed by third parties ( producers, vendors, etc.) that Berkeley shares data with or has access to Bekleys network. TPRM makes sure these third parties have the necessary controls in place to protect Berkley from data breaches, etc. This person will fully rely on the data being supplied by the third parties (via questionnaires). Rufuina is looking for someone who knows, understands and can analyze risk who has strong communication (verbal and written) and documentation skills. Questions: Rufina will provide screening questions related to Soc 3 and risk methodologies. Should know what SOC 3 Reports are. Service Organization Controls Three SOC Reports and each come in two types What is the issue with the Soc 3 report Written Part Instructions : pretend im the vendor Possible topic: Data Destruction and Media Sanitization Control: Must haves Requirements: 3+ years conducting TPRM (third party risk management) Cybersecurity Risk assessments/reviews Heavy SOC (Service Organization Controls) reports analysis background Strong technical/written communication skills Analytical and demonstrates deep understanding of Infosec/cybersecurity risk Familiarity with Information Security/Data Privacy regulations (ex NYDFS Part 500, PCI DSS, GDPR, CCPA). Infosecurity risk management focus with strong documentation Nice-to-haves: Advanced Information Security certifications (CISSP, CISA, or similar certifications) College degree in the related technical discipline (Information Systems, Science, Information Security, etc). Experience with security awareness training tools and/or phishing campaigns Keywords: access management |
| [email protected] View all |
| Sat Jan 20 00:51:00 UTC 2024 |