TPRM Security & Compliance Specialist

US Tech Solutions, Inc.

2024-05-07 21:04:52

Job location: Burbank, California, United States

Job type: full-time

Job industry: I.T. & Communications

Job description

Title: TPRM Security & Compliance Specialist

Location: Burbank CA 91502

Duration: 6 Months Contract


Description/Comment:

  • Responsible for planning, conducting, and reporting on third-party assessments, and for providing quality assurance reviews of assessments conducted by others.
  • Ability to evaluate the services provided by vendors, review vendor performance and associated risks in a timely manner, and develop appropriate responses.
  • Consistently monitor progress, manage vendor risk, and make certain that key stakeholders are kept informed about progress and expected outcomes; stay abreast of current business and industry trends relevant to the business.
  • Ability to summarize assessment outcomes, risk level and associated recommendations. Additionally, recommend and implement compliance measures.
  • Assist in the third-party assessment of outside legal counsel in support of Legal Operations' mission. Assist in planning, conducting, and reporting on assessments of external law firms, and in following up on and tracking resolution of agreed-upon finding remediation plans.
  • Periodically reach out to vendors and client business units regarding current threats to ensure they are taking necessary steps to reduce exposure.
  • Provide timely advice on security requirements in proposed and existing vendor contracts.

Basic Qualifications

Must-Haves:

  • TPA: should have hands-on experience in the end-to-end process, from sending out the questionnaire to completing a review of the received package (evidence, documents, and responses).
  • Experience with GRC tools: ProcessUnity, Archer, SecurityScorecard (or similar tools such as BitSight, Black Kite).
  • Being able to understand the nuances of different stakeholders.
  • Policy and documentation review.
  • Comfortable with an individual contributor role.
  • Must have the ability to communicate effectively with all levels of the organization as well as with external stakeholders.
  • Ability to articulate IT compliance requirements.
  • Ability to work in large global environments spanning multiple time zones.
  • ISO 27001 implementer and auditor experience.

Preferred Qualifications

Ideal Background:

  • External audit (e.g., Big Four) and/or internal audit (e.g., Fortune 500).
  • 5-7+ years of program and project management experience.
  • 5-7+ years of experience in third-party risk management or IT vendor management.
  • 4-year degree in Computer Science, Risk Management, Information Security, and/or equivalent professional experience.

Nice-to-Haves:

  • CISA, CISSP or similar certification.
  • BC/DR (service continuity) experience.
  • Experience presenting and influencing mid-level executives on IT security and matters.

Required Education

  • BA/BS Degree.

