| Senior Information Security Third Party Risk Lead at Remote at Remote, Remote, USA |
| Email: [email protected] |
| From: Devyani Kumari, Absolute IT [email protected] Reply to: [email protected] Title: Senior Information Security Third Party Risk Lead (30 hours per week, remote) Candidate must have an active and an updated LinkedIn ID (REQUIRED!!) Location: Hybrid in Waltham, MA they will consider remote if needed Duration: 6 months Important Ski lls Technical Third Party Risk management, vendor management, cybersecurity Soft strong communication, interacting with all levels, organized Background Check (if applicable): - 7 year criminal, 2 references, education, OIG/GSA exclusion and FDA Debarment Hours: 30 hours/week Must Haves: BS/BA in Computer Science, IT, Information Systems, 10+ years experience in IT Security or IT infrastructure disciplines 3-5 years of work experience in Third Party Risk Management, Vendor Management, Risk Management The role requires a strong background and understanding of all cybersecurity domains. Day to Day: In this role, the Analyst will manage, monitor, and coordinate third party risk activities by working directly with business lines and third-party contacts to ensure the appropriate protection of Alkermes data. In this role, the successful candidate will interact with all levels of the organization and function as an integral team member in advancing the overall third-party program and will be accountable for performing third party due diligence to meet information security, data protection, and compliance requirements. The candidate must use a business risk-based approach to the decision-making process. Conduct information security assessments of Alkermes third parties. This includes: Oversee the third-party vendor risk assessment process for new vendor onboarding and periodic risk assessments, distribution of due diligence questionnaires to the third-party vendors and partners, review submitted questionnaires for completeness, ensure stakeholders finalize reviews and determine overall residual risk rating. The reporting of security assessments, namely, reporting results, developing findings and recommended remediation plans Coordinates the identification and ranking of third-party risks Influences third parties and business partners to ensure compliance with risk management policies, to include driving the completion of required assessments within determined SLAs Organize and lead meetings related to third party assessments: prepare meeting agendas, send out meeting minutes and coordinate follow up activities as appropriate Analyze various scorecards/performance management tools to identify areas of risk. Communicate and collaborate with internal and external teams, stakeholders, and vendors. Assist in the continuous improvement and maturity of the organization's third risk management framework, program, processes, and tools. Monitor, track, report, and escalate third-party risks to Management Meet SLA expectations for assessments/re-assessments Communicates risk assessment findings to all levels of the organization Assist with maintenance of the GRC tool used by the team. Operate with a limited level of direct supervision and exercise independence of judgement and autonomy Keywords: business analyst information technology Idaho Massachusetts |
| [email protected] View all |
| Mon Jan 08 21:02:00 UTC 2024 |