Job Description :
Title : Information Risk Analyst – Information Security
Location : Tampa, FL
Duration : 6+ months
Candidates must have technical skills that manager is looking for and must understood Third Party Risk Assessment. They must be able to answer any technical question around Encryption, Vulnerability scanning and, Pen testing.
Principal Responsibilities:
Participate in and influence third party risk assessment process improvement and documenting the overall process and improvements
Perform Third party risk assessments to identify Technology risks
Partner with the business and technology to agree cybersecurity risk findings identified through the Third Party risk assessment
Provide risk finding recommendations that the business and Third Party Suppliers may implement to mitigate identified finding gaps
Partner with Third Party Risk team to ensure that risks findings are clearly articulated in a manner that is understood by business and The Third Party Suppliers
Evaluate vendor responses to ensure that remediation plans and tasks adequately address identified control gaps
Build all needed Documentation for the Third Party risk assessment and remediation processes
Assist with the assessing internal noncompliance to policies
Recommend remediation plans to stakeholders and track them to closure
Participate in and influence process improvements
Assist the business and technology groups through the client processes
Develop and operationalize reports to meet stakeholder requirements (e.g. Senior management reports, detailed reports etc
2- 4 years of experience in Information security risk assessments
2 - 4 years of risk assessment experience in Third party risk management area
Proficiency with Information Risk Management best practices Knowledge and Skills Required:
Proven ability to execute vendor Third party risk assessment programs
Experience interfacing with other internal or external organizations regarding risk and compliance findings
Proven knowledge of security methodologies, policies, standards and best practices
Proven knowledge of information technology systems, infrastructure and operations and how they affect an organization’s cybersecurity risk
Ability to explain and articulate technical concepts using both technical and non-technical language
Technical documentation writing skills
Critical thinking and analytical skills
Excellent skills in office tools (MS Word, PowerPoint, Excel and VISIO)
Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives
Strong oral and written communication skills
Excellent organizational skills, coupled with ability to be versatile and flexible
Sound business judgment and the ability to work successfully with all levels of management
Excellent grammar and style skills; ability to adapt writing style for different audiences and media Education
Training and Certification: Bachelor’s degree preferred CISSP/CISM/CRISC certification preferred