Job Details

Security Engineer- Third-Party Risk Management

NORWALK-06859, CT, US
02/24/2020

-


Required Skills

    information security frameworks, source technologies
Company

Infinity Consulting Solutions, Inc

Experience

3 to 5 Year(s)

Job Description

Our Client is a technology firm that focuses on Business Continuity and Disaster Recovery solutions. Since established in 2007 they have grown to 2000+ employees with 22 offices around the world with a goal to provide the best possible services at under market prices.

They are currently looking to add a Security Engineer focusing on Third-Party Risk Managment to their team.

This position can sit in Norwalk, Boston, Rochester, or Toronto.

As a trusted and empowered member of the CISOs staff, you will go out into the organization and identify opportunities for security improvement and organize change.

You will oversee efforts that push the enhancement of organizational and engineering security controls and processes.

You will assure the achievement of important outcomes through these efforts.

Your role as part of the information risk management team will be to determine the risks related to third party products, services, and manufacturing partners in support of the risk management practices at the firm.

Additionally, this role will be responsible for leading and expanding the current program and processes requiring navigation across the product, engineering, and corporate business areas.

Business engagement is expected in the following areas:

Conduct due diligence of third-party products, services, and manufacturing partners

Identification of technical and business security controls, communication of gaps, and mitigation approaches

Develop and manage processes in support of third-party risk management objectives

Continuously monitor intelligence sources related to existing vendors

Ad-hoc analysis of business-critical activities and decisions

About You:

Ability to work collaboratively and lead discussions to successful outcomes.

Bachelor’s degree in Computer Science, Engineering or equivalent IT work experience

Three (3) or more years of experience in a role with Information Security GRC responsibilities

Two (2) or more years of experience focusing on supply chain management is highly desirable.

Experience designing, implementing and managing security controls and processes

Experience with information security frameworks (e.g., ISO 27001/2, SOX IT Controls, COBIT, SOC 2 Trust
Principles, PCI DSS, NIST 800-53/CSF)

Experience with open source technologies and environments





Security Architect
Information Technology

No Preference
FullTime Job
Other
1

Candidate Requirements
-
Bachelors

Walkin Information
-
2/18/2020
-

Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY
-