Third-Party Risk Management (TPRM) Analyst - Santa Clara or San Jose. at Remote, Remote, USA |
Email: [email protected] |
From: Vikas Rai, Samson Software Solution [email protected] Reply to: [email protected] Role- Third-Party Risk Management (TPRM) Analyst Location- Santa Clara or San Jose. THE ROLE: The Third-Party Risk Management (TPRM) Analyst will coordinate with IT stakeholders, project managers, and business owners to facilitate a vendor risk assessment to onboard a cloud solution or managed service. He/she will be responsible for collaborating with vendors for responses to TPRM vendor assessment questionnaire, perform third-party risk assessments in a timely manner, and facilitate the risk sign-off in accordance with established set of processes. He/She will comply with SLA's, provide periodic status updates to relevant stakeholders, and mature these processes over time in conjunction with customer Management. KEY RESPONSIBILITIES: In addition to following customers policies and processes, responsibilities include, but are not limited to: Follow the established foundational set of processes for onboarding a cloud solution or managed service. Coordinate input from multiple stakeholders to facilitate the review of the vendor. Perform risk assessments of third-party cloud solutions by reviewing responses to questionnaire, including supporting documents and information captured during discussions, to evaluate vendors internal controls environment. Facilitate the risk sign-off in accordance with established set of processes. Maintain third-party risk assessment documentation within the defined structure. Generate metrics on solutions and report to customer management at agreed to frequency. Perform periodic ongoing risk assessment of implemented cloud solutions and managed services. Refine and mature TPRM processes over time, in conjunction with customer Management. PREFERRED EXPERIENCE: Be CISA/CTPRA/CCAK certified. Have at least 5 years of experience in IT, with 3 or more years of this experience in TPRM, risk assessments, and/or internal IT control testing/ IT audits. Have working knowledge of information security and risk frameworks/standards (i.e. ISO 27001/2, NIST 800-53, NIST CSF, SOC1/SOC2, CSA CCM and Shared Assessments SIG) and cloud security practices. Have knowledge of and the ability to use a PC as well as Microsoft Office Suite, Visio, and SharePoint software. Possess strong communication skills (both written and verbal). Possess strong interpersonal skills and can adapt information based on the audience. Be able to handle confidential information in a professional manner. Have the ability to recognize and communicate potential control related issues in a timely manner. Be a strong team player and able to work effectively with colleagues and management. Be highly organized and self-reliant, with the ability to multi-task. Have excellent process and time management skills. Able to appropriately identify issues and raise them to management by paying close attention to detail. Have the ability to listen effectively and communicate with honesty. Be able to acquire and evaluate data. ACADEMIC CREDENTIALS: Have a Bachelors degree or equivalent in Information Technology, Information Systems Management, Computer Science or related field. Keywords: information technology Third-Party Risk Management (TPRM) Analyst - Santa Clara or San Jose. [email protected] |
[email protected] View all |
Sat Aug 24 01:09:00 UTC 2024 |