Tata Consulting Services (Usa) New York , NY 10007
Posted 2 weeks ago
Skill: Risk Manager
Must have:
Function as a Subject Matter Expert in several IT risk domain (eg.: Access control, change management, cryptography, secure network design etc.) on IT internal controls, including risk assessment and analysis.
Experienced in third party vendor management program.
Experienced in review of SSAE18, SOC 2, HITRUST, SIG and CAIQ reports.
Understanding of application and network security and should understand penetration testing and scan reports.
Certifications such as CISA, CISSP will be good to have.
Third Party Vendor Management, GRC, Internal Audits (Information Security).
Responsibilities:
Should be independently able to perform information security audits and assessments on third party vendors depending upon the vendor type and criticality.
Contribute to governance and facilitate remediation recommendations of related risks, deficiencies, gaps or issues, advice with identifying compensating controls alternative where compliance requirements cannot be met.
Document and present overall residual risk to higher management for approvals and risk acceptances.
Interact with vendors, business and multiple stakeholders to assess, explain and remediate the risks identified.
Support key reporting activities associated within key functions.
Perform adhoc IT risk analysis and reporting.
#LI-NR3
Total Care Services, Inc.
Posted Today
VIEW JOBSTata Consulting Services (Usa)