Security Analyst at Atlanta, Georgia, USA |
Email: [email protected] |
From: Sanjeev Kumar Singh, Tek Inspirations LLC [email protected]
Reply to: [email protected]

Security Analyst
Long-Term Contract
Location: Atlanta, GA. Onsite from day one.

Qualifications:
- 2-6 years' experience required.
- 5 or more years of experience with information technology security programs, audits, controls and/or third-party risk management.
- Ability to identify and assess IT security controls against policies and standards and Federal/State Regulatory requirements and identify and communicate gaps.
- Exceptional written and verbal communication skills.
- Advanced computer skills including Microsoft Office suite and other business-related software programs.
- Ability to effectively manage time and productivity with competing priorities in a rapidly changing, fast-paced, interactive, results-based team environment.
- Proven analytical / problem solving skills and ability to work with cross-functional teams.
- High School diploma, GED or High School Equivalency.
- Embraces diverse people, thinking and styles.
- Consistently makes safety and security, of self and others, the priority.

Needed:
- Bachelor's Degree or 5 plus years of relevant experience in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information Security.
- Key industry certifications such as CISA, CISM, CISSP, CRISC, etc.
- Knowledge of industry standard frameworks such as NIST Cybersecurity Framework, ISO 27001, NIST 800-30, etc.
- Familiarity with third party information security attestations/certifications such as SOC I/II reports, ISO, PCI-DSS, SOX.
- Comprehensive knowledge of third-party risk concepts, methodologies, governance structures and experience in managing risk and performing vendor risk assessments.
- Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics.
- Experience across IT domains such as application development, infrastructure, technical support and operations, cloud technologies and/or continuity of business.
- Experience with RSA Archer.

Responsibilities:
As a member of the IT Risk team you'll proactively identify, analyze, and remediate information security and technology risks throughout the third-party lifecycle. You'll also partner with IT Portfolios (Infrastructure and Reliability, Architecture, Channels Technology), key functional partners (Legal, Privacy, Corporate Audit) and external partners.
- Participate in vendor risk management activities including but not limited to third party risk assessments, gap analysis, contract review, vendor breach and termination activities, and partner with internal stakeholders to monitor vendors.
- Perform data analytics and create meaningful reports to effectively communicate outcomes from vendor management activities and relate security, compliance, and/or governance-related concepts and controls across a variety of audiences including non-technical audiences.
- Identify and communicate findings of non-compliance with our Information Security Standards and track remediation or to an acceptable level of risk.
- Continuously work to improve the overall Vendor Risk Management Program through identifying opportunities and participating in implementation activities.
- Provide guidance to the business, Strategic Sourcing, and other stakeholders to ensure requirements of VRM are fully understood.
- Serve as the subject matter expert in interpreting requirements and improve awareness of Operational Risks faced by Business from vendor's failure/poor performance.
- Stay informed about the latest developments in the vendor risk management field.
- Perform any other job-related instructions, as requested, with reasonable accommodation.

Keywords: information technology Georgia |
Wed Sep 13 04:51:00 UTC 2023 |