New Vendor Engagements
The Third Party Risk Management (TPRM) program defines the framework and conducts the assessments that enable the business to protect the organization and our clients from risks. The associate in this role will be responsible for the execution of due diligence for new vendor engagements. This responsibility will span from the request to review, working the business (1st line) and subject matter experts to ensure that all necessary information has been reviewed and critical issues have been identified.
As assigned, execute due diligence for new vendor requests (VEQs)
Conduct review of new engagement and assign inherent risk score.
Partner with business (1st Line) for the collection of critical artifacts and evidence required from vendor.
Execute due diligence, risk assessments, engaging business subject matter experts as needed for review.
Identify issues resulting from assessments, work with business to ensure findings have identified owners and follow up plans.
Communicate final reports to stakeholders including vendor business liaisons, sourcing and legal.
Partner with peers and leader to ensure risk assessments are completed on time, escalate roadblocks and issues in a timely manner.
Ensure work deliverables maintain high level of quality, ensuring the appropriate identification of critical risks.
Review assessment reports and issues to ensure clarity, traceability and alignment across results.
Confirming the appropriateness of risk ratings based on engagement risk, the validation results.
Demonstrate strong ability to analyze information and data
Demonstrates strong subject matter expertise and sound judgement to align appropriate risk level
Conduct an assessment in a collaborative manner to effectively assess controls while maintaining business relationships
Quickly analyze information security controls, ensure clearly written assessments, and provide constructive action items to assessors
Translate security, business continuity, and operational controls into business risk
Work with diverse contacts throughout the world to achieve results
Communicate technical issues to non-technical people
Demonstrate collaborative partnership skills for working with various points of contacts
Demonstrate strong problem-solving and conceptual thinking abilities
Demonstrate capacity to think broadly but go deep into subject matter when needed
Bachelor s Degree
1+ years experience with related experience in information security, risk assessments, or business continuity.
CISSP, or CISA, or CRISC certification
NO THIRD PARTIES, NO SUB-CONTRACTORS, NO CORP to CORP
Data Resource Technologies Inc. is an Information Technology Staffing Firm serving the markets of the United States of America; the greatest country in the world. We work with Direct Clients Only and do not participate in multi layer contracts. Earn The Most Possible and put over 60 years of Information Technology Industry experience to work for you today, Call or Apply NOW!!!
12020 Shamrock Plaza, Suite 200 Omaha, NE, 68154Contact