Saviance · 5 months ago
ITS Third Party Governance Assurance Analyst II - SUM-2590
Saviance is a company that operates in the IT and cybersecurity sector. They are seeking an ITS Third Party Governance Assurance Analyst II to manage vendor relationships and ensure compliance with IT and security requirements, focusing on third-party risk management and vendor management processes.
Information Technology & Services
Responsibilities
Operates the organization's Vendor Management Office (VMO) and third-party risk management capabilities
Collaborates with stakeholders across IT, procurement, security, legal, compliance, and operations to assess vendor capabilities
Ensures contracts align with IT and security requirements
Continuously improves IT vendor management capabilities
Applies in-depth knowledge of information technology, cybersecurity, and healthcare regulations to ensure compliance, risk, and operational standards
Works to ensure VMO and third-party risk management processes efficiently achieve the organization's IT and cybersecurity objectives
Provides thought leadership and guidance to level I Analysts
Qualification
Required
Bachelor's Degree in Computer Science, Cybersecurity, IT, or Engineering or equivalent combination of education and/or experience
Five (5) years of combined experience in information technology, cybersecurity, vendor management, or third-party risk management
Intermediate knowledge of laws, policies, procedures, and governance structures relevant to cybersecurity and third-party risk management in the healthcare and public health sector (e.g., HIPAA, PCI DSS)
Intermediate knowledge of risk management processes (e.g., methods for assessing and mitigating vendor risk) and their application to third-party evaluations
Intermediate knowledge of core cybersecurity principles, cyber threats, and vulnerabilities as they relate to supply chain and third-party services
Intermediate knowledge of IT procurement and contract management principles, including the ability to review and interpret vendor service agreements, data handling agreements, and audit reports (e.g., SOC 2)
Intermediate knowledge of supply chain risk management practices, including identification and evaluation of potential vendor risks (financial, reputational, operational, and security-related)
Intermediate knowledge of healthcare operations, clinical workflows, and the organization's foundational business processes
Basic knowledge of system life cycle management principles, including software security and usability
Basic knowledge of the organization's enterprise information technology (IT) and cybersecurity goals and objectives
Basic knowledge of enterprise incident response program, roles, and responsibilities
Intermediate skill in contract negotiation and vendor relationship management, including experience working closely with legal and procurement teams to negotiate favorable contract terms, resolve vendor disputes, and build long-term strategic partnerships with key IT suppliers
Intermediate skill in problem-solving to identify root causes of vendor-related issues and recommend effective remediation strategies
Intermediate skill in evaluating the trustworthiness of the supplier and/or product
Intermediate skill in technical writing
Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
Ability to mentor junior analysts by providing guidance and knowledge-sharing, and by promoting best practices in vendor risk management
Ability to apply critical reading/thinking skills
Ability to evaluate information for reliability, validity, and relevance
Must have VMO contract review experience
Preferred
Preferred experience in a healthcare environment with exposure to HIPAA, PCI DSS, or other relevant regulations
Certifications preferred: ITIL Foundation (or equivalent)
Certifications preferred: CompTIA Security+
Certifications preferred: ISC2 HCISPP
Certifications preferred: ISACA COBIT Foundations
Cybersecurity helpful but not required