Previous Job
Third Party Security Risk Assessor
Ref No.: 18-02619
Location: Menlo Park, California
Position Type:Contract
Start Date / End Date: 05/21/2018 to 11/21/2018
Job Title: Third Party Security Risk Assessor
Location: Menlo Park, CA
Duration: 6 Months

Client is seeking a Third Party Security Risk Assessor to join the Information Security team. This position will be responsible for understanding and executing third party reviews as part of Client'sThird Party Risk Security Program.

The Third Party Security Review specialist will be someone that has a passion for evaluating security risk posed by vendor relationships along with internal client processes and technologies while empowering clients culture of rapid innovation and helping demonstrate clients dedication to security to the world. This role requires a mix of broad business and technical acumen, evaluating risk, and a polished ability to communicate. This is a contract position.

Help demonstrate clients commitment to security to internal and external stakeholders
Complete security reviews of third parties doing business with client
Understand technical implementation details necessary to identify and assess security risks and recommend mitigating controls
Participate in the development and oversight of required corrective action plans relating to security risk issues specific to security reviews completed
Understand business process and requirements relative to the specific vendor security reviews

Experience assessing Information Security risk with strong preference given to individuals who have completed vendor security risk reviews and technical risk assessments;
3+ years of proven experience working on Information Security teams or projects;
Strong program and project management skills required;
Experience with developing security reporting that is meaningful and actionable for a variety of audiences including internal stakeholders and external third parties;
Knowledge and understanding of security controls across all security domains such as access management, encryption methods, vulnerability management, network security, physical security, etc.;
Understanding of processes for risk evaluation and assessing third parties across diverse industries and against a broad range of security requirements;