Exatech Inc is a staffing and recruiting company.
• Perform and manage Onsite Risk Assessments as per process documents.
• Ensure vendor compliance with the business agreement, policies, procedures, & regulations, along with the ability to map controls and compliance requirements.
• Review vendor supplied policies & procedures, internal/external assessment reports, agreements and provide feedback.
• Provision assessment reports and executive summaries with recommendations & direction regarding remediation efforts and disposition of the third party.
• Communicate, escalate, and track vendor progress on assessment remediation activities.
• Act as a liaison & SME for internal departments & vendors to successfully manage Vendor Risk Assessment.
• Understand information security risks that are inherent to a business and articulate those risks in business terms.
• Maintain current knowledge on information security topics and their applicability to program requirements.
• Engage VRO regarding any delays/deviations during remediation.
• Advanced-level experience in MS Word, MS Excel, MS PowerPoint, etc.
• Experience working with senior levels of management.
• Good follow-up skills and detail oriented.
• Security expertise including knowledge of different security risk assessment frameworks (NIST/OCTAVE), standards (ISO27001/HITRUST/ITIL/COBIT), and acts such as HIPAA/GLBA.
• Experience in examining the SSAE 16 Audit report.
• Knowledge and understanding of different security products (web/email filtering, disk encryption, IDS/IPS, antivirus, DLP, firewall etc.).
• Knowledge of software development methodologies, application security, and OWASP Top 10 guidelines.
• Ability to document assessment work papers and prepare assessment reports.
• Ability to manage vendor assessment independently with minimal supervision.
• Strong Communication and Presentation Skills.