Note: H1B copy is mandatory.

*** Resumes lacking these skills will be rejected ***



*Travel within USA for onsite risk assessments required. Travel required: up to 50%*

*What is the specific title of the position?*
*Sr. IT Security Consultant - Vendor Information Security Risk Assessment (VISRA)*

*Is this person a sole contributor or part of a team?*
Part of a team

*If so, please describe the team?* (Name of team, size of team, etc.)
Reporting to the VISRA Team, the individual will act as a liaison & SME for
internal departments & vendors to successfully perform Onsite Risk
Assessments in USA. We leverage HITRUST CSF Version 7.0 for our program.

*What are the top 5-10 responsibilities for this position? (Please be detailed as to what the candidate is expected to do or complete on a daily basis)*
• Perform and manage Onsite Risk Assessments as per process documents
• Ensure vendor compliance with the business agreement, policies, procedures, & regulations, along with the ability to map controls and compliance requirements
• Review vendor-supplied policies & procedures, internal/external assessment reports, and agreements, and provide feedback
• Provision assessment reports and executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party
• Communicate, escalate, and track vendor progress on assessment remediation activities
• Act as a liaison & SME for internal departments & vendors to successfully manage Vendor Risk Assessment
• Understand information security risks that are inherent to a business and articulate those risks in business terms
• Maintain current knowledge on information security topics and their applicability to program requirements
• Engage VRO regarding any delays/deviations during remediation


*What software tools/skills are needed to perform these daily responsibilities?*
• Advanced-level experience in MS Word, MS Excel, MS PowerPoint, etc.

*What skills/attributes are a must have?*
• Experience working with senior levels of management
• Good follow-up skills and detail oriented
• Security expertise, including knowledge of different security risk assessment frameworks (NIST/Octave), standards (ISO27001/HITRUST/ITIL/Cobit), and acts such as HIPAA/GLBA
• Experience in examining the SSAE 16 Audit report
• Knowledge and understanding of different security products (web/email filtering, disk encryption, IDS/IPS, antivirus, DLP, firewall, etc.)
• Knowledge of software development methodologies, application security, and OWASP Top 10 guidelines
• Ability to document assessment work papers and prepare assessment reports
• Ability to manage vendor assessments independently with minimal supervision
• Strong communication and presentation skills

*What skills/attributes are nice to have?*
• Possess good project management skills

*Best Regards,*

*Vijay* | *Ph:* 972-256-8187 | *email:* vij...@techstargroup.com <j...@conglomerateit.com> | *Techstar Group Inc.*

-- 
You received this message because you are subscribed to the Google Groups 
"American Vendor--IT Consulting" group.