Third Party Risk Assessment and Mitigation/NIST/Security at Remote, Remote, USA
Email: [email protected]
1. Risk Assessment and Mitigation:

- Conduct comprehensive third-party risk assessments to identify potential cyber threats.

- Develop and implement risk mitigation strategies to address identified vulnerabilities.

- Monitor third-party compliance with cybersecurity policies and standards.

2. Policy Development and Implementation:

- Establish and enforce policies and procedures for third-party cyber risk management.

- Ensure third-party vendors adhere to the organization's cybersecurity requirements.

3. Vendor Management:

- Oversee the evaluation, selection, and monitoring of third-party vendors.

- Conduct regular audits and assessments of vendor security practices.

- Manage contracts and service level agreements (SLAs) with third-party vendors.

4. Incident Response and Management:

- Develop and maintain an incident response plan specific to third-party breaches.

- Coordinate with third parties during cybersecurity incidents to ensure timely resolution.

- Conduct post-incident reviews and implement improvements based on lessons learned.

5. Training and Awareness:

- Provide training and awareness programs for internal stakeholders on third-party cyber risks.

- Ensure third-party vendors are educated on the organization's cybersecurity expectations.

6. Reporting and Documentation:

- Prepare regular reports on third-party cyber risk management activities for senior leadership.

- Maintain accurate and up-to-date documentation of all third-party risk assessments and mitigation efforts.

7. Collaboration and Stakeholder Management:

- Work closely with internal teams such as legal, procurement, and IT security.

- Build strong relationships with third-party vendors to ensure effective communication and collaboration.

8. Regulatory Compliance:

- Stay updated on relevant cybersecurity regulations and ensure third-party compliance.

- Work with legal and compliance teams to address regulatory requirements related to third-party cyber risk.

### Required Skillsets:

1. Technical Knowledge:

- Strong understanding of cybersecurity principles, frameworks, and standards (e.g., NIST, ISO 27001).

- Experience with risk assessment tools and methodologies.

- Knowledge of common cyber threats and vulnerabilities.

2. Analytical Skills:

- Ability to analyze complex data and identify trends and patterns.

- Strong problem-solving skills to address cyber risk issues.

3. Communication Skills:

- Excellent verbal and written communication skills to convey technical information to non-technical stakeholders.

- Ability to prepare clear and concise reports and presentations.

4. Leadership and Management:

- Proven experience in leading and managing a team.

- Ability to influence and drive change across the organization and with third-party vendors.

5. Vendor Management:

- Experience in managing vendor relationships and contracts.

- Strong negotiation skills to ensure favorable terms and conditions in vendor agreements.

6. Regulatory Knowledge:

- Familiarity with relevant cybersecurity and data protection regulations (e.g., OCC, FRB, GLBA, GDPR, CCPA).

- Ability to interpret and apply regulatory requirements to third-party risk management.

7. Project Management:

- Strong project management skills to oversee multiple risk management initiatives.

- Ability to prioritize tasks and manage time effectively.

8. Attention to Detail:

- High level of attention to detail to ensure thorough risk assessments and accurate documentation.

9. Certifications (Preferred):

- Certified Information Systems Security Professional (CISSP).

- Certified Information Security Manager (CISM).

- Certified in Risk and Information Systems Control (CRISC).

10. Experience:

- Significant experience in cybersecurity, risk management, or a related field.

- Experience in a senior management role, preferably in third-party risk management.

Thanks and Regards

Adarsha Limma
Business Development Executive at Triano Technologies.
Email: [email protected]
325 Illinois St, Glen Ellyn, IL 60137

Tue Jul 23 00:39:00 UTC 2024
