Overview
On Site
USD 58.00 - 65.00 per hour
Full Time
Skills
IT Risk
Regulatory Compliance
SAP GRC
IT Audit
Auditing
Evaluation
Cloud Computing
NIST 800-53
ISO/IEC 27001:2005
Payment Card Industry
Data Security
DSS
OWASP
CISA
CISM
ISACA
CISSP
Cyber Security
Risk Assessment
Design Review
OSINT
Multitasking
Management
Information Security
Asset Management
Access Control
Cryptography
Change Management
Network Security
Vulnerability Management
Software Development Methodology
Risk Management
Incident Management
Cloud Security
Taxes
Life Insurance
Business Transformation
Law
Job Details
Job Title: Third-Party Risk Assessor
Location: 100% Remote
Duration: 12-Month Contract
*** At this time, the client is looking for candidates that are authorized to work in the U.S. on W2.
Experience Level
Expert Level
Description
To manage risk and respond to evolving regulatory requirements, we must carefully evaluate the cyber security controls that our service providers and suppliers have in place. This individual will lead and execute third party cyber security risk assessments. In addition, this individual will evaluate, identify and communicate cyber security risks related to our customer and business sensitive information in accordance with client's established Global Third Party Risk Management (TPRM) process and framework.
Top Skills / Must Have
4+ years experience with cybersecurity, third party risk management, IT Risk and Compliance (GRC), IT Audit, Information Security or Assurance and (or) strong audit/technical evaluation experience with various types of systems and networks and cloud technology
Experience with conducting cybersecurity assessments using common industry frameworks, including NIST Cyber Security Framework (CSF), NIST 800-53, ISO 27001 and 27002, Payment Card Industry (PCI) Data Security Standard (DSS), CIS Top 18/20, or OWASP
Bachelor's degree in technology, information/cyber security, related major, or equivalent work experience
Additional Skills / Nice to Haves
Industry certifications such as CISA, CISM, CRISC, CISSP, CTPRP, or related is highly preferred
Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately
Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person
Responsibilities
Coordinate with key Global Third Party Risk Management stakeholders to initiate, scope and plan cyber security risk controls assessments of new and existing high risk suppliers.
Make meaningful risk mitigating recommendations to directly improving the third-party risk posture.
Serve as a third-party risk assessor, performing risk assessments by evaluating third-party attestations, performing control design review, and control implementation validation.
Complete assessments using established procedures and standards, industry frameworks, and best practices. Leverage OSINT, consortiums, and other independent reviews during the assessment process.
Multitask and project manage multiple assessment deadlines by coordinating execution with both the external suppliers and internal business partners. Escalate issues, understand project trends, and anticipate potential blockers.
Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of information security areas/domains. These information security areas include information security policies, asset management, access control, cryptography, change management, network security, vulnerability management, SDLC, third party risk management, incident management, and cloud security
Pay and Benefits
The pay range for this position is $58.00 - $65.00/hr.
Eligibility requirements apply to some benefits and may depend on your job
classification and length of employment. Benefits are subject to change and may be
subject to specific elections, plan, or program terms. If eligible, the benefits
available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a fully remote position.
Application Deadline
This position is anticipated to close on May 23, 2025.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Location: 100% Remote
Duration: 12-Month Contract
*** At this time, the client is looking for candidates that are authorized to work in the U.S. on W2.
Experience Level
Expert Level
Description
To manage risk and respond to evolving regulatory requirements, we must carefully evaluate the cyber security controls that our service providers and suppliers have in place. This individual will lead and execute third party cyber security risk assessments. In addition, this individual will evaluate, identify and communicate cyber security risks related to our customer and business sensitive information in accordance with client's established Global Third Party Risk Management (TPRM) process and framework.
Top Skills / Must Have
4+ years experience with cybersecurity, third party risk management, IT Risk and Compliance (GRC), IT Audit, Information Security or Assurance and (or) strong audit/technical evaluation experience with various types of systems and networks and cloud technology
Experience with conducting cybersecurity assessments using common industry frameworks, including NIST Cyber Security Framework (CSF), NIST 800-53, ISO 27001 and 27002, Payment Card Industry (PCI) Data Security Standard (DSS), CIS Top 18/20, or OWASP
Bachelor's degree in technology, information/cyber security, related major, or equivalent work experience
Additional Skills / Nice to Haves
Industry certifications such as CISA, CISM, CRISC, CISSP, CTPRP, or related is highly preferred
Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately
Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person
Responsibilities
Coordinate with key Global Third Party Risk Management stakeholders to initiate, scope and plan cyber security risk controls assessments of new and existing high risk suppliers.
Make meaningful risk mitigating recommendations to directly improving the third-party risk posture.
Serve as a third-party risk assessor, performing risk assessments by evaluating third-party attestations, performing control design review, and control implementation validation.
Complete assessments using established procedures and standards, industry frameworks, and best practices. Leverage OSINT, consortiums, and other independent reviews during the assessment process.
Multitask and project manage multiple assessment deadlines by coordinating execution with both the external suppliers and internal business partners. Escalate issues, understand project trends, and anticipate potential blockers.
Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of information security areas/domains. These information security areas include information security policies, asset management, access control, cryptography, change management, network security, vulnerability management, SDLC, third party risk management, incident management, and cloud security
Pay and Benefits
The pay range for this position is $58.00 - $65.00/hr.
Eligibility requirements apply to some benefits and may depend on your job
classification and length of employment. Benefits are subject to change and may be
subject to specific elections, plan, or program terms. If eligible, the benefits
available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a fully remote position.
Application Deadline
This position is anticipated to close on May 23, 2025.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.