Thursday, June 29, 2017

Information Risk Consultant

Job title: Information Risk Consultant
Location: Springfield, MA
Contract to hire
Primary Skill is in Information Risk Management area with experience in third party/vendor risk assessments.
Mandatory skills:
• Experience with industry standard Information Technology Control Policies and Standards frameworks and risk management methodologies including NIST and ISO
• Experience in risk assessment evaluation as well as identification of risk and mitigations
• Experience in conducting control self-assessments and review SOC 2 reports
• Experience in Information Risk, Information
Security, Audit, and supplier information risk management
• Experience in third party vendor risk assessments
• CISSP or CISA qualified or relevant experience
• Demonstrates a strong ability to identify, analyze, and solve problems
• Excellent oral and written communication skills, and attention to detail
Preferred skills:
• Experience with Archer GRC platform
• Experience in Cloud Security
Job Responsibility:
• Completes reviews of supplier provided artifacts including Control Self Assessments, SOC 2 Reports, and other artifact reviews using defined process and templates
• Ensures that completed materials received are in good order and follows‐up with the supplier relationship managers (SRM) where needed
• Identifies issues and mitigations from the assessment and works with the supplier SRM 
• to proactively mitigate these items
• Uses Centralized GRC tool (Archer) to input assessment evidence, assessment details, issues if identified during the assessment and supporting mitigations
• Assists with supplier assessment metrics and reporting

ANUDEEP MS | Recruiter  | Softpath System LLC 
Direct: 770-450-6330| E-Fax: 678-302-9888|Email :
Softpath System LLC 3985 Steve Reynolds Blvd | Bldg C| Norcross GA