Qualifications:

• Experience in auditing/security assessments
• Strong Communication and Presentation Skills
• Security expertise including knowledge on different security risk assessment framework
• Knowledge and understanding of different security product
• CISA, CISSP, CPISI, ISO 27001 preferred

Responsibilities: 

• Understand and scope properly Third-Party organization structure to apply necessary controls to be assessed
• Perform and manage Control/Risk Assessment and remediation of identified findings as per process documents
• Ensure Third Party compliance to the business agreement, policies, procedures, & regulations along with the ability to map controls and compliance requirements
• Review Third Party supplied policies & procedures, internal/external assessment reports, agreements and provide feedback
• Executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party
• Communicate, escalate, and track Third Party remediation progress on assessment remediation activities
• Understand information security risks that are inherent to a business and articulate those risks in business terms
• Maintain current knowledge on information security topics and their applicability program requirements
• Engage DPO regarding any escalation/delays/deviations during assessment/remediation