Job Description :
Role : Vendor Risk Management SME
Required Technical Skill Set: Strong understanding of vendor risk, SOC1,SOC2, SSAE16 reviews experience
Desired Experience Range: 5 to 7 years with 3+ years vendor risk assessment experience
Location of Requirement: Cleveland, OH

Must-Have Technical:
- Strong understanding of Shared assessments SIG and SIG lite
- Experience in working with SOC1, Soc2 & SSAE 16 reviews
- Experience in conducting vendor security reviews
- CTPRP / CISSP / CISA certification is a plus
- Strong understanding of Risk Management Methodologies and practices
- Experience / exposure on Information / Infrastructure Security Management
- Bachelor’s degree and 7+ years of Information security experience
- Strong understanding of regulatory compliance mandates( SOX, HIPAA, GLBA , PCI etc)
- Understanding of FFIEC IT guidance

Non-Technical:
Strong verbal and non verbal communication skills
Experience with articulating findings in a business understandable manner
Experience in dealing with diverse infrastructure and application teams as part of the audit responsibilities
Good-to-Have •

Responsibility of / Expectations from the Role
1 Perform onsite vendor risk assessments
2 Review audit reports from customer thirdparties
3 Develop approaches to analyze findings and identify systemic issues
4 Develop audit procedures, documentation and training required for capability development