Vendor Information Risk Consultant
Boston, MA 02110
Our client in Downtown Boston is seeking an Information Risk Analyst to focus on Vendor Information Risk. Working closely with Vendor Relationship Managers (VRM), this individual will be responsible for conducting the hands-on risk assessments and evaluations of third parties where sensitive data is involved.
Responsibilities and Requirements:
- Complete reviews of vendor provided artifacts (SOC 2 Reports, Control Assessments, etc.) and use defined templates and processes for evaluation
- Ensures that the materials are in compliance, work with VRM to define compliance
- Identifies issues and mitigations from the assessment and works with VRM to define a roadmap to resolve these issues
- Use Archer to input assessment documentation, details, and risks identified
- Participate in on-site assessments
- Resolve real time issues that come up with vendors- investigate and resolve these issues in a timely manner
- Experience with standard IT Controls and Policies
- Experience with frameworks such as NIST and ISO
- Analytical and determined to solve issues when they come up
- Proactively assess any issues before they become an issue
- Vendor Information Risk Management is a must have (or Supplier Information Risk, 3rd Party Information Risk, etc.)
- CISSP or CISA preferred
Full time opportunity, sponsorship not available
Information Technology Recruiting Manager
Caroline was born and raised in Boston and enjoys working with IT professionals both locally and nationally.
When she's not working, Caroline enjoys Netflix binging and spending time with her Pug.