JOB DESCRIPTION
Qualifications:
- CISA, CISM or ISO 27001 Lead Auditor
- Has 7+ years of experience in IT/Financial Audit and/or IT risk assessment activities.
- Has 2+ years of people management experience.
- Experience in troubleshooting general computing controls for desktop, information, and network security.
- HIPAA risk assessments and security control frameworks like ISO 27001/NIST
Responsibilities:
- Provide day-to-day team leadership for third-party supplier security risk assessment and remediation analysts
- Contribute to employee coaching, development, and performance reviews
- Lead assessments of various workstreams
- Communicate performance results to leadership
- Develop and/or contribute to training programs to support program implementation and operations
- Track analysts’ quality and SLAs in assessments and remediation
- Understand key operational and risk metrics and present them to internal stakeholders and other business partners
- Lead collaboration efforts with internal stakeholders on projects and objectives for process improvement
- Work directly with the supplier management office on escalations
- Perform peer reviews and provide guidance to analysts on their assessments and remediation
- Research and analyze supplier profiles
- Conduct discovery calls with suppliers and internal stakeholders
- Work with peers and management to identify information security risks to move to remediation
- Escalate any assessments to internal stakeholders and management in a timely manner
- Support and handle risk assessment activities end to end, from determining tier and workstream to assessment and remediation closure
- Collaborate with internal stakeholders and management for any delays and escalations during the remediation process
- Review supplier’s supporting documentation to close remediation records
- Develop and guide a group of analysts in skills or career development
- Enable business partners through insights for process and program development
OTHER JOB REQUIREMENTS
- Education: Bachelor's/College Degree
- Field of study: Computer Science/Information Technology
- Specialization: IT - Network/Sys/DB Admin