Need Security Engineer or Analyst - San Jose, CA (Hybrid From Day 1) at San Jose, California, USA |
Email: [email protected] |
From: Rahul.B, SPAR INFORMATION SYSTEM [email protected] Reply to: [email protected] Hello Everyone, Hope you are doing good. One of our client is looking for Security Engineer/Analyst , please share your updated resume to [email protected] Role: Security Engineer/Analyst Location: San Jose, CA (Hybrid From Day 1) Duration: 12+ Months Job description: Demonstrable understanding of cybersecurity risk assessment and risk management methodologies. Key qualification includes deep understanding of security and technical domains to best inform the program and assessment execution. Work directly with business and technology partners, vendors, and legal to assess vendor security issues and risks, prioritize risk mitigation activities and guide the business to make risk-based decisions. Evaluate information security program maturity, security controls, and security documentation for Clients strategic vendors. Review threat models for third-party integrations and provide guidance. Review and assess Client vendors security posture before onboarding them to Client. Communicate security risks to the business and build risk mitigation plans. Support legal team with negotiation around Information security contract requirements. Collaborate with cross-functional departments within Security, Procurement, Legal on process improvements and workflow integrations to provide improved customer experience. Communicate and present key vendor security initiatives, practices and issues to business units. Collaborate to develop executive reporting Provide metrics to report on vendor security program maturity. Benchmark the program against the third-party risk assessment programs from similar companies and propose improvement Develop continuous vendor monitoring capability by implementing Bit Sight or similar technology. Create dashboards for executive reporting on BI tools (PowerBI preferred), JIRA. Develop automation for enhancing the program, as needed. Additional details: The ideal candidate should have over 5 years of security experience, preferably in the third-party security field. This role will be working directly with business and technology partners, vendors, and legal to assess vendor security issues and risks, prioritize risk mitigation activities and guide the business to make risk-based decisions. We are looking for someone with outstanding security, communication, negotiation and interpersonal skills. The candidate should have good experience with Information security and Risk management practices and principles as well as some automation and technical experience. Demonstrable understanding of cybersecurity risk assessment and risk management methodologies. Key qualification includes deep understanding of security and technical domains to best inform the program and assessment execution Work directly with business and technology partners, vendors, and legal to assess vendor security issues and risks, prioritize risk mitigation activities and guide the business to make risk-based decisions. Evaluate information security program maturity, security controls, and security documentation for Customer's strategic vendors Review threat models for third-party integrations and provide guidance Review and assess Customer vendors security posture before onboarding them to Customer Communicate security risks to the business and build risk mitigation plans Support legal team with negotiation around Information security contract requirements Collaborate with cross-functional departments within Security, Procurement, Legal on process improvements and workflow integrations to provide improved customer experience Communicate and present key vendor security initiatives, practices and issues to business units Collaborate to develop executive reporting. Provide metrics to report on vendor security program maturity Benchmark the program against the third-party risk assessment programs from similar companies and propose improvement Develop continuous vendor monitoring capability by implementing BitSight or similar technology Create dashboards for executive reporting on BI tools (powerBI preferred), JIRA Develop automation for enhancing the program, as needed. Rahul.B Team Lead SPAR Information Systems Email: [email protected] Keywords: business intelligence California |
[email protected] View all |
Thu Oct 26 02:05:00 UTC 2023 |