Information Security, Third Party Risk Management, Remediation Analyst 1 Job at ALTA IT Services
Information Security, Third Party Risk Management, Remediation Analyst 1
Location: REMOTE (the Contractor will be expected to work EST hours, no matter their location)
Pay Rate: Open to Both C2C and W2 options
Position Type: Multiyear Contract
Basic Purpose:
To serve as a risk remediation expert for the Information Security third party risk management team to ensure identified control gaps from third party assessments are remediated according to guideline expectations across the entire enterprise third party footprint. Collaborate directly with third parties and internal business unit contacts to drive remediation efforts. Exercise influencing skills to effectively eliminate &/or minimize the risk to the Client members. Identification and documentation of all applicable compensating controls during remediation efforts. Partner with internal business units and technical SMEs to evaluate risk levels.
Responsibilities:
Qualifications:
Desired Qualifications:
Bank Secrecy Section:
Remains cognizant of and adheres to Client policies and procedures and regulations pertaining to the Bank Secrecy Act.
For immediate consideration, please apply directly or contact Ryan Pustilnik at 301.740.2110
Location: REMOTE (the Contractor will be expected to work EST hours, no matter their location)
Pay Rate: Open to Both C2C and W2 options
Position Type: Multiyear Contract
Basic Purpose:
To serve as a risk remediation expert for the Information Security third party risk management team to ensure identified control gaps from third party assessments are remediated according to guideline expectations across the entire enterprise third party footprint. Collaborate directly with third parties and internal business unit contacts to drive remediation efforts. Exercise influencing skills to effectively eliminate &/or minimize the risk to the Client members. Identification and documentation of all applicable compensating controls during remediation efforts. Partner with internal business units and technical SMEs to evaluate risk levels.
Responsibilities:
- Conducts efficient, high quality risk assessment remediation activities for complex third party relationships
- Analyzes third party remediation responses, evidence, &/or external audit reports to confirm third party compliance with control expectations
- Produces professionally written summaries of third party assessment remediation results
- Facilitates meetings with internal business units and third parties on Information Security third party risk management remediation processes
- Maintains knowledge of and ensures compliance with applicable federal and state laws, rules, regulations and Client policies and procedures (i.e. Federal Financial Institutions Examination Manual (FFIEC), National Information of Standards and Technology (NIST), and International Standards Organization (ISO)
- Builds and maintains effective relationships with team members, leadership, key business unit stakeholders, third parties, etc.
- Reviews third party remediation implementation to address findings control gaps and areas of non-compliance
- Keeps current with Information Security best practices and industry trends, and applies them to process and policy improvements and compliance actions
- Works independently with limited guidance from leadership
- Performs other duties as assigned by leadership
Qualifications:
- Experience in the financial services industry with a focus on information security assessments and remediation activities
- Experience in information security processes, concepts, principles, and methodologies
- Experience in audit and information security risk assessments on third parties
- Knowledge of applicable federal and state laws, rules and regulations (i.e. Federal Financial Institutions Examination Manual (FFIEC), National Information of Standards and Technology (NIST), and International Standards Organization (ISO)
- Knowledge of NCUA, FFIEC, GLBA, ISO 27001/27002, SANS20, PCI DSS, and other Information security requirements and frameworks
- Experience that demonstrates knowledge of data security practices and procedures, including risk assessment, authentication technologies, and security attack pathologies
- Effective planning and organizational skills
- Effective research, analytical and problem solving skills
- Strong verbal, written and interpersonal communication skills, including skill in negotiating and persuading others
- Ability to present findings and conclusions clearly and concisely
- Experience in working with all levels of staff, management, stakeholders, and third parties
- Ability to build effective relationships through rapport, trust, diplomacy, and tact
- Strong word processing and spreadsheet software skills
Desired Qualifications:
- Bachelor Degree in business, information systems or related field or equivalent work/military experience
- CISSP, CISA CCSP or other Information Security certifications
- Knowledge of Client operations
Bank Secrecy Section:
Remains cognizant of and adheres to Client policies and procedures and regulations pertaining to the Bank Secrecy Act.
For immediate consideration, please apply directly or contact Ryan Pustilnik at 301.740.2110
3
Please Note :
epokagency.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, epokagency.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.