The role will perform evaluation of third party and vendor engagements to identify and manage vendor risk which may include completion of risk assessments as well as conducting technical security reviews of our suppliers and partners.
Please Note: This is an initial 6 month contract (Inside IR35).
Responsibilities
* Evaluate third party risk and steer vendor relationships.
* Evaluates vendor responses to security questionnaires.
* Make recommendations on ways to mitigate vendor risk.
* Maintain vendor risk repository of artifacts including regular third party vendor certifications and assign risk scores to firm suppliers and partners.
* Conduct on-site audits of high-risk vendors reviewing security and controls.
Required Experience
* Strong knowledge of risk management, vulnerability management, and third party risk.
* Possess a sufficient understanding of technical concepts including systems, networks and security architecture best practices in order to effectively evaluate risk and assess the effectiveness of controls.
* Strong and deep information security risk identification (includes Cloud services), assessment, and risk ranking experience
#J-18808-Ljbffr