Unison Consulting
Location
Secunderabad | India
Job description
1. Evaluate the applicability of performing third-party risk assessments based on the services being provided,
2. Develop inherent risk and tiering methodology and perform the same to decide depth of rigor required on the third-party vendors,
3. Should have analytical skills to perform design effectiveness testing on third parties to assess their capabilities and security posture. Should be able to review the artifacts like SOC1, SOC2, and other reports/data provided by Vendors and guide vendors in case of any discrepancies/gaps.
4. Should be able to test the Security controls (technical/process) independently to verify the compliance by Vendors.
5. Analyze and review vendor contracts to ensure that they align with the organization's risk tolerance and compliance requirements.
6. Monitor third-party vendors to ensure ongoing compliance with relevant regulations, industry standards, and contractual obligations.
7. Develop and implement strategies to mitigate identified risks, collaborating with vendors to address any vulnerabilities or areas of concern.
8. Maintain detailed records of risk assessments and mitigation efforts. Provide regular reports to management and stakeholders on the status of third-party risk management.
9. Foster positive relationships with vendors while maintaining an objective perspective on risk management. Communicate expectations and work collaboratively to address any issues.
10. Contribute to the development and enhancement of third-party risk management policies, procedures, and guidelines.
11. Operational experience into tools such as ServiceNow, MetricStream and Power BI for creating various dashboards will be an added advantage.
Job tags
Salary
