Essential Functions of the Position
- Manage the vendor security assessment process to include vendor relations with our 3rd party provider responsible for conducting risk assessments and liaison with internal and external business partners accordingly. Review 3rd party assessment reports and work with 3rd parties to identify security improvements or other mitigating controls and potentially incorporate into contract terms. Prioritize, track and report out on progress status, issues, and challenges.
- Act as customer facing liaison and information security subject matter expert to help IT functional teams, internal project teams, business stakeholders, and external partners understand policies and control requirements.
- Responsible for building and maintaining Information Security metrics, reports and dashboards working with the CISO and other IT teams as required. These dashboards may include but are not limited to vulnerability management, phishing, and 3rd party risk and incident response metrics.
- Provide project management support for information security and risk remediation initiatives. Develop and enhance metrics that identify security risks. Run status meetings with internal stakeholders and ensure timelines and deliverables are met.
- Provide security and privacy compliance support for all required regulatory requirements (dotted line to DPO/Compliance).
- Explain and articulate technical concepts to non-technical stakeholders, and follow basic troubleshooting steps to work through issues.
- Track and archive 3rd party security audits of our business partners that manage client data on our behalf. Develop strong relationships with Operation and technology teams identify residual risk of our various business partners. Build and maintain dashboard of all our 3rd party risk.
- Support Data Security Program manager by developing metrics to track data protection projects.
Professional/Technical Competency Requirements
- Collaborative problem solver with good listening and team building skills.
- Ability to effectively identify issues and manage expectations with various stakeholders across the business, IT, as well as external parties.
- Project management expertise.
- Strong data analysis and reporting capabilities.
- Excellent communication and collaboration skills.
- Strong customer service skills.
- Ability to work in an agile delivery IT organization.
- 3-5yrs of professional experience and BA/BS degree preferred with an emphasis in cybersecurity or information systems.
- Experience working in an agile delivery IT organization with a basic understanding of software application structure and software development lifecycles.
- Experience working in a global and matrixed organization across functions and geographies.
- Experience in IT audit or risk function.
- Strong Microsoft office skills.
- Cloud expertise.
Certifications/Licensure Requirements (if applicable)