Hi, Please share your consultant resume at [email protected]
H1 B can also use. *Title: ** IT - Security Consultant * *Location: EDEN PRAIRIE, MN**Client: UHG* *Job Duties and Description:* *Sr. IT Security Consultant - Vendor Information Security Risk Assessment (VISRA)* *Supporting Health Care Company's accelerated approach for assessing high risk critical vendors* *Part of a team* *Reporting to the VISRA Team, the individual will act as a liaison & SME for internal departments & vendors to successfully perform Onsite Risk Assessments in USA. We leverage HITRUST CSF Version 7.0 for our program.* *What are the top 5-10 responsibilities for this position?* - Perform and manage Onsite Risk Assessments as per process documents - Ensure vendor compliance to the business agreement, policies, procedures, & regulations along with ability to map controls and compliance requirements - Review vendor supplied policies & procedures, internal/external assessment reports, agreements and provide feedback - Provision assessment reports and executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party - Communicate, escalate, and track vendor progress on assessment remediation activities - Act as a liaison & SME for internal departments & vendors to successfully manage Vendor Risk Assessment - Understand information security risks that are inherent to a business and articulate those risks in business terms - Maintain current knowledge on information security topics and their applicability program requirements - Engage VRO regarding any delays/deviations during remediation *What software tools/skills are needed to perform these daily responsibilities?* - Advance level experience in MS Word, MS Excel, and MS PowerPoint etc. *What skills/attributes are a must have?* - Experience working with senior levels of management - Good follow-up skills and detail oriented - Security expertise including knowledge on different security risk assessment frameworks (NIST/Octave), standards (ISO27001/HITRUST/ITIL/Cobit), and act such as (HIPAA/GLBA). - Experience in examining the SSAE 16 Audit report - Knowledge and understanding of different security products (web/email filtering, disk encryption, IDS/IPS, antivirus, DLP, firewall etc.) - Knowledge of software development methodologies, application security, and OWASP Top 10 guidelines - Ability to document assessment work papers and preparing assessment report - Ability to manage vendor assessment independently with minimal supervision - Strong Communication and Presentation Skills *What skills/attributes are nice to have?* - Possess good project management skills - Travel within USA for onsite risk assessments required. - Travel Required : Up to 50% *Face to face if possible or phone* *Manish Kr.* _________________________________________________________ Contech Systems, Inc. • 1480 U.S. Highway 9 North, Suite 206 • Woodbridge, NJ 07095 9727984725 -- You received this message because you are subscribed to the Google Groups "US_IT.Groups" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/us_itgroups. For more options, visit https://groups.google.com/d/optout.
