Vendor Risk and Assessment

The Purpose of This Role Designated position will be a part of India Information Security Office. Designated individual will be responsible for Vendor Technology Review (VTR). India ISO sets FMR INDIA's strategy, policy, and standards for the security of and operations in cyberspace. We focus on threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities.

Value that this role brings:

This role is expected to conduct Vendor Technology Review to access the Vendor from a Cyber Security perspective and work with leadership to appraise them on the progress and status.

Some of the responsibilities Include:

- Assessing, evaluating risks and control environments of the Vendors inline to established standards, policies, and procedures

- Collaborating with the Business Groups and Risk Stakeholders during the onboarding and offboarding of vendors

- Highlight the risks to Business as an outcome of the Vendor Technology Review - Update Leadership team on the High/Critical open findings

The Skills that are key for this role:

- Strong business acumen and strategic thinking skills to enable understanding of third-party risks in context of business activities

- Demonstrated success in assessing, identifying, and addressing information risks related to third party relationships.

- Experience with performing remote and on-site third-party assessments and/or contract audits

- Deep subject matter expertise in information security and foundational knowledge and experience with / exposure to all other relevant risk disciplines (data privacy, legal and regulatory compliance, and general business risk)

- Ability to adapt to change quickly, work comfortably with ambiguity, and manage multiple tasks successfully

- Strong commitment to customer service, stakeholder relationships, and high impact communications across all organizational levels

- Good to have knowledge on Information security ops, data protection, infrastructure security and information security governance, endpoint, server-side security and cloud computing

- Strong working knowledge of current workplace productivity and collaboration tools, especially Microsoft Office 365 (including SharePoint, Excel, Planner, and Teams)

- Ability to work on multiple tasks and manage priorities

- Ability to build and maintain effective working relationships at all levels

- Excellent analytical, communication and report writing skills

- Advanced analytical and critical thinking skills enabling productive outcomes

- Excellent verbal and written communication skills along with an ability to work effectively with senior management, think conceptually, and interact with others using strong interpersonal, organization and communication

Skills The Expertise We- re Looking For:

- 8+ years of relevant audit or risk-related experience in IT

- 13+ years of related financial services/technology experience

- Prior experience of risk management at a function/business unit level would be an added advantage

- Background in consulting, business analysis and risk management strongly desired

- Experience in program and project management

- Bachelor's degree or equivalent work experience required

- Desired certifications - CISSP, CISA, CIA

- Collaborative with ability to manage relationships across multiple functional areas

- Extensive knowledge and understanding of Internal controls / assurance review tools and practices

- Experience in program and project management

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.