(Enter skills, job title, etc.)

Information Risk /3rd parties controls Consultant

Job Title:

Information Risk /3rd parties controls Consultant

Location:

Springfield, MA

Industry:

Information Technology

Duration:

1 year

Job Description:

Information Risk Consultant

The Supplier Information Risk Consultant works with the EIRM Information Risk Management team and internal supplier relationship managers (SRM) within the lines of business to conduct a security controls evaluation of third parties where confidential or restricted data is involved. The evaluation includes a risk assessment as well as identification of risk and mitigations.

 

Job Requirements:

Specific responsibilities include but are not limited to:

 Vendor/3rd party: risk, Audit, controls

  • Completes reviews of supplier provided artifacts including Control Self Assessments, SOC 2 Reports, and other artifact reviews using defined process and templates
  • Ensures that completed materials received are in good order and follows-up with the SRM where needed
  • Identifies issues and mitigations from the assessment and works with the supplier SRM to proactively mitigate these items
  • Uses Centralized GRC tool (Archer) to input assessment evidence, assessment details, risk issues as identified during the assessment and supporting mitigations
  • Coordinates on-site assessments with SRM, Supplier, and on-site assessor
  • Assists with supplier assessment metrics and reporting   
  • Takes action on real time supplier threat alerts to investigate and resolve working with SRM and supplier contacts
Education:

Minimum Requirements:  

  • Experience with industry standard Information Technology Control Policies and Standards frameworks including NIST and ISO
  • Experience with Archer GRC platform preferred
  • Demonstrates a strong ability to identify, analyze, and solve problems
  • Excellent oral and written communication skills, and attention to detail
  • 3-5 years technology background with experience in Supplier Information Risk management, Information Risk, Information Security, and Audit
  • CISSP or CISA qualified or relevant experience

Tip of the Week


Make sure your LinkedIn profile is identical or similar to your resume. Consistency is key!

 

View Starpoint's Top Tips.

Send Us Your Resume


Let Starpoint's expert recruiters help you land your next job.

 

Submit Your Resume

@Starpoint_Jobs