Note: Need H1B Copy Mandatory,

*** Resumes lacking these skills will be rejected ***



*Travel within USA for onsite risk assessments required. Travel Required :
Up to 50% *

*What is the specific title of the position? *
*Sr. IT Security Consultant - Vendor Information Security Risk Assessment
(VISRA) *

*Is this person a sole contributor or part of a team? *
Part of a team

*If so, please describe the team? *(Name of team, size of team, etc.)
Reporting to the VISRA Team, the individual will act as a liaison & SME for
internal departments & vendors to successfully perform Onsite Risk
Assessments in USA. We leverage HITRUST CSF Version 7.0 for our program.

*What are the top 5-10 responsibilities for this position? (Please be
detailed as to what the candidate is expected to do or complete on a daily
basis) *
• Perform and manage Onsite Risk Assessments as per process documents
• Ensure vendor compliance to the business agreement, policies, procedures,
& regulations along with ability to map controls and compliance requirements

• Review vendor supplied policies & procedures, internal/external
assessment reports, agreements and provide feedback
• Provision assessment reports and executive summaries with recommendations
& direction regarding remediation efforts and disposition of the third party

• Communicate, escalate, and track vendor progress on assessment
remediation activities
• Act as a liaison & SME for internal departments & vendors to successfully
manage Vendor Risk Assessment
• Understand information security risks that are inherent to a business and
articulate those risks in business terms
• Maintain current knowledge on information security topics and their
applicability program requirements
• Engage VRO regarding any delays/deviations during remediation


What software tools/skills are needed to perform these daily
responsibilities?
• Advance level experience in MS Word, MS Excel, and MS PowerPoint etc.

*What skills/attributes are a must have? *
• Experience working with senior levels of management
• Good follow-up skills and detail oriented
• Security expertise including knowledge on different security risk
assessment frameworks (NIST/Octave), standards
(ISO27001/HITRUST/ITIL/Cobit), and act such as (HIPAA/GLBA).
• Experience in examining the SSAE 16 Audit report
• Knowledge and understanding of different security products (web/email
filtering, disk encryption, IDS/IPS, antivirus, DLP, firewall etc.)
• Knowledge of software development methodologies, application security,
and OWASP Top 10 guidelines
• Ability to document assessment work papers and preparing assessment report

• Ability to manage vendor assessment independently with minimal supervision

• Strong Communication and Presentation Skills

*What skills/attributes are nice to have? *
• Possess good project management skills





*Best Regards..*

*Vijay* *|* *Ph:* 972-256-8187 *|email: * vij...@techstargroup.com
<j...@conglomerateit.com>* | |* *Techstar Group Inc*.* |*

-- 
You received this message because you are subscribed to the Google Groups 
"Business_Intelligence" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to business_intelligence+unsubscr...@googlegroups.com.
To post to this group, send email to business_intelligence@googlegroups.com.
Visit this group at https://groups.google.com/group/business_intelligence.
For more options, visit https://groups.google.com/d/optout.

Reply via email to