Cyber Security Controls Assessor

  • Finezi
  • San Francisco, CA
Need for Third party security review compliance assessors
Contract W2, 12 Month+
"DOE"
Telecommuting not available; travel not required

Job Description

Position: Cyber Security Controls Assessor 

Location – San Francisco, CA

Duration: 12 month+ contract

Bachelor’s degree

Certified in Risk and Information Systems Control (CRISC) certification

Certified Information Systems Auditor (CISA) certification

Utility industry experience, 1 yr

Experience in Information Technology (IT) risk management, IT compliance, IT Audit, IT security

Experience in project management, job-related

Leadership experience, job-related

Responsibilities:

• Support the Third Party Security and Risk Management Program cycle by overseeing/tracking remediation of deficiencies, Management Action Plans, and Risk Acceptance Requests, and by reporting the status of remediation efforts.

• Perform retesting of vendors' security controls that have been remediated or updated as a result of previously identified deficiencies.

• Obtain, review, and interpret evidence provided to validate controls are performed effectively.

• Prepare, plan, conduct, and report remediation assessments in accordance with industry best practices and established client standards.

• Obtain, review, and interpret organizational IT policies, standards and procedures to identify control points that would assist in mitigating risk to the business.

• Prepare routine reporting to management and escalate concerns in a timely fashion.

• Review test results or interpret evidence for vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution.

• Liaise with Managers and Individual Contributors on vendors' security and risk compliance assessment topics.

• Partner with Line of Business contacts and contract owners to ensure deficiency mitigation and documentation are updated periodically to reflect vendors' security posture.

• Perform other tasks as necessary to ensure the Third Party Security Review Team meets its commitments to customers.

• Support the Third Party Security & Risk Manager in preparing materials for monthly, quarterly, and annual vendors' security compliance reviews, and as needed.

Dice Id : 10309206
Position Id : MA-CA-CyberSec