Third Party Security Risk Assessor
Menlo Park, CA | Contract
Title: Third Party Security Risk Assessor
Duties: We are seeking a Third Party Security Risk Assessor to join the Information Security team. This position will be responsible for understanding and executing third party reviews as part of the Third Party Risk Security Program. The Third Party Security Review specialist will be someone that has a passion for evaluating security risk posed by vendor relationships along with internal processes and technologies while empowering culture of rapid innovation and helping demonstrate our dedication to security to the world. This role requires a mix of broad business and technical acumen, evaluating risk, and a polished ability to communicate. This is a contract position.
Help demonstrate our commitment to security to internal and external stakeholders
Complete security reviews of third parties doing business with us
Understand technical implementation details necessary to identify and assess security risks and recommend mitigating controls
Participate in the development and oversight of required corrective action plans relating to security risk issues specific to security reviews completed
Understand business process and requirements relative to the specific vendor security reviews
Experience assessing Information Security risk with strong preference given to individuals who have completed vendor security risk reviews and technical risk assessments;
3+ years of proven experience working on Information Security teams or
Strong program and project management skills required; Experience with developing security reporting that is meaningful and actionable for a variety of audiences including internal stakeholders and external third parties; Knowledge and understanding of security controls across all security domains such as access management, encryption methods, vulnerability management, network security, physical security, etc.; Understanding of processes for risk evaluation and assessing third parties across diverse industries and against a broad range of security requirements;
Bachelors in business and technology preferred or equivalent experience.