Third Party Risk Specialist - Associate
iCapital
- Lisboa
- Permanente
- Horário completo
- Performs third-party vendor security assessment activities including evaluation of vendor controls, practices, process enhancements, and independent audit service reports
- Communicates directly with third party vendors to obtain artifacts and answers to iCapital diligence questions (DDQs)
- Recommends mitigating/compensating controls for vendor security programs
- Communicates and tracks remediation plans with third-party vendors, business and technology partners
- Escalates outstanding risk items to management
- Maintains and presents metrics on the vendor risk program to management
- From time to time assist the assurance team with client DDQs as vendor risk and client assurance are related programs
- Five years experience in a technology role with two to three years in a vendor risk role
- A bachelor's degree in computer science or technology/information security-related field
- Experience with Coupa or other vendor GRC tools a plus
- Experience with RiskRecon or other security risk measurements tools a plus
- Understanding of ISO-27001 or NIST 800 based security program standards
- Knowledge of relevant legal requirements, regulatory requirements, and privacy laws
- Knowledge of security risks pertaining to cloud (IaaS, SaaS, AaaS)
- A quick learner with desire to continually learn
- Excellent communication skills including strong English writing skills
- The successful candidate will be detail oriented to ensure that all requirements are met and documented.