Vendor Information Security Risk Analyst


Jersey City, NJ

Industry: Staffing & Recruiting


5 - 7 years

Posted 362 days ago

  by    Radhika Arora

Our client, a global financial firm is seeking a Vendor Information SecurityRisk Analyst to join their team in Jersey City, NJ.


  • Coordinate with stakeholders to initiate, scope and plan controls assessments vendor engagements
  • Assess completed questionnaire and supporting documentation to validate vendor appropriate implementation of information security controls
  • Produce detailed documentation of assessments and perform threat analysis of gaps identified
  • Communicate vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks Validate evidence from vendors, before Remediation Plans are closed.

Required Skills

  • Demonstrate in-depth knowledge of concepts, best practices and controls including: risk management, access control, cryptography, physical security, securityarchitecture and design, networksecurity, application and operations security and compliance/incident management --must have experience with Cloud Service providers
  • Strong technical and IT audit background
  • Working knowledge of a wide variety of technologies which include server infrastructure and operating systems, network and web infrastructures, databasearchitecture and intrusion detection/prevention systems
  • Working knowledge within the following risk domains/technologies: Database and application security, IDS/IPS technologies, System/Access Administration, Firewall technologies, NetworkArchitecture, SecurityEvent Logging and Monitoring, Key Management/Tokenization, Database/Application/Network Layer Secure Protocols, Physical and Environmental Security, Secure Software/Code Development, Change Management, Vulnerability Management.
  • Knowledge of AUP
  • IT Risk Management/Audit industry certification
  • Time Keeping System
  • CWMS Fieldglass

$80K - $200K