Information Security Risk Consultant

Our requirements for the Risk consultant profile has changed and we are now looking at someone with specific experience in Third Party Risk Management. Please find below the revised skillset requirement for the same. Please start sharing the candidate profiles for this skillset, as soon as possible.

Please find the job responsibilities for the TPRM contractor resource:

• Manage the third-party risk management and help drive automation of processes and reporting
• Acting as subject matter expert on risk-based security reviews and assessments at a high volume
• Develop and maintain relationships with internal stakeholders and service providers through regular touchpoints
• Collecting/reviewing data from multiple sources to assess a third party's security
• Preparing reports for senior management on the state of vendor compliance including finding management
• Advising project and legal teams on ensuring the required security terms are in contracts
• Determining strategy for highly sensitive and/or high impact assessments
• Maintaining metrics on vendor security assessments

Appreciate your support.

.

• Understanding to Information Technology, Technological architectures, and systems control.
• Proficient knowledge of security controls and how they are implemented to reduce risk
• Experience conducting internal and 3rd Party IT\Security risk assessments, controls validation, identify gaps, propose recommendations to address findings and write assessment report
• Experience enhancing risk management process and advancing tools used in the process such as: MetricStream, OneTrust, QuickSight and MS Excel
• Experience using risk management frameworks (a plus for ISO, NIST, SOC2 and PCI)
• Experience implementing automated risk scoring
• Experience improving Risk Management program, recommends improvements to drive program efficiencies
• Experience with implementation of a GRC tool (a plus for implementing MetricStream)
• Experience with implementing Risk Register dashboard using BI tools (a plus for implementing QuickSight)
• Advance skills using MS Excel
• Excellent written and oral communications skills
• 5+ Years in IT Risk Management, Governance and Compliance
• Perform other Risk Management duties as assigned

• Experience with AWS-specific technologies.
• Understanding of cryptographic fundamentals.
• Experience with Infrastructure Architecture.
• Experience with hardware security.
• Experience with secure software management.
• Experience with security groups, NACLs, VPCs, subnetting, gateways, routing tables, etc.