Job Information

G-TECH Services, Inc. IT Security Analyst II in Detroit, Michigan

Engagement Description – To conduct third-party vendor security risk assessments, identifying and reporting potential information security risks for third party vendors, reviewing security agreements for third-party vendors, creating processes for vendor management program maturity, reviewing information security policy and standard documentation, participating in audit discussions and walkthroughs, and reviewing requirements for offshore third-party vendors, and creating metrics, reporting, and presentation content for the vendor security risk management initiatives.

Top 3 Required Skills/Experience –

• Three or more years of experience working in third-party vendor risk management perform vendor security risk assessment activities

• Performing detailed reviews of security documentation and developing formal risk assessment reports

• Excellent verbal, written, and presentation skills

Required Skills/Experience – The rest of the required skills/experience. Include:

• Hands on experience with working EGRC solutions (e.g., MetricStream; RSA Archer)

• Experience with reviewing and updating information security agreements, requirements, and policy documentation

• Experience with providing effective information security risk remediation recommendations to business areas

• Previous experience collaborating with Procurement, Compliance, Audit, Legal, and/or Privacy areas to mature vendor management oversight activities

Preferred Skills/Experience – Optional but preferred skills/experience. Include:

• Experience creating and presenting information security risk content to executives and cross-functional areas

• Experience developing metrics and reporting for information security risks

• Familiarity with the HITRUST Framework

• Prior experience of operating as a team lead or higher within Information Security

Education/Certifications – Include:

• Bachelor’s degree or high in Information Security/Information Assurance/ CyberSecurity

• Information security certifications (e.g., CRISC; CISA) desired but not required based on years of information security work experience

Category Analyst

Function Information Technology

Req ID JN -042022-117674

Have any questions? We can help. Contact Us

facebooklinkedinConnect with us on social media.