Third Party Vendor Risk Assessment Analyst @ DigiTran Technologies Inc. | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
Third Party Vendor Risk Assessment Analyst jobs in United States
Be an early applicantLess than 25 applicants
company-logo

DigiTran Technologies Inc. · 3 hours ago

Third Party Vendor Risk Assessment Analyst

positionUnited States
timeContract
remoteRemote
seniorityMid Level
ftfMaximize your interview chances
AnalyticsCommercial
Hiring Manager
Ajay Dubey
linkedin

Insider Connection @DigiTran Technologies Inc.

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Partner with internal stakeholders to identify vendors and ensure the Enterprise vendor inventory is kept up to date
Able to review vendor due diligence materials (i.e. SOC1/SOC2, Vulnerability Scan, ISO 27001, etc.) and identify potential risks
Able to understand details of vendor’s cyber security program and identify where gaps exist with internal company policy requirements
Identify potential vendor related issues and follow up with internal stakeholders and external vendor to develop remediation plan for unresolved issues
Able to triage and prioritize risk based on impact and likelihood
Produce risk assessment reports and work with vendors to implement remediation responses
Work with Legal team to identify required contract security provisions to remediate risks identified in vendor assessment
Experience with industry-recognized Governance, Risk and Compliance (GRC) applications
Experience with Shared Assessments (https://sharedassessments.org/) methodology including use of their Standardized Information Gathering (SIG) questionnaire
Highly refined and professional verbal and written communications
Able to develop effective relationships with all levels of internal and external stakeholders
Ability to work in partnership with Legal, Purchasing, Data Privacy, Internal Audit and other teams

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Vendor Risk ManagementCyber SecurityCTPRP CertificationCISSP CertificationCISM CertificationCRISC CertificationGRC ApplicationsRisk Assessment ReportsShared Assessments MethodologyISO 27001SOC1/SOC2Vulnerability ScanStandardized Information Gathering (SIG)Collaboration with LegalRelationship Building

Required

Member of the Cyber & Information Security team with responsibility for implementation and execution of the third party vendor risk management program.
Perform risk based assessments which document the key risk areas for each third party vendor.
Work with internal stakeholders and external vendor to develop remediation plans and track resolution status.
Partner with internal stakeholders to identify vendors and ensure the Enterprise vendor inventory is kept up to date.
Able to review vendor due diligence materials (i.e. SOC1/SOC2, Vulnerability Scan, ISO 27001, etc.) and identify potential risks.
Able to understand details of vendor’s cyber security program and identify where gaps exist with internal company policy requirements.
Identify potential vendor related issues and follow up with internal stakeholders and external vendor to develop remediation plan for unresolved issues.
Able to triage and prioritize risk based on impact and likelihood.
Produce risk assessment reports and work with vendors to implement remediation responses.
Work with Legal team to identify required contract security provisions to remediate risks identified in vendor assessment.
Experience with industry-recognized Governance, Risk and Compliance (GRC) applications.
Experience with Shared Assessments methodology including use of their Standardized Information Gathering (SIG) questionnaire.
Highly refined and professional verbal and written communications.
Able to develop effective relationships with all levels of internal and external stakeholders.
Ability to work in partnership with Legal, Purchasing, Data Privacy, Internal Audit and other teams.
Bachelor’s Degree (preferably in Information Technology or Cyber Security) or equivalent work experience.

Preferred

CTPRP/CISSP/CISM/CRISC certification or equivalent highly desired.
Experience in Information Technology and Cyber Security highly desired.

Company

DigiTran Technologies Inc.

twittertwitter
company-logo
DigiTran Technologies (aka DigiTran) leverages its extensive technical, and complex federal government domain-specific expertise, and innovative transformation experience to serve the US businesses.
dateFounded in 2017
location
Herndon, Virginia, USA
people-size11-50 employees
web-link
https://www.digitrantech.com

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
CHANDRASHEKAR A S TAMIRISA
Chief Growth Officer
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot