The Onsite Third Party Assessor will conduct information security and business continuity assessments of vendors providing services. To succeed in this role, you should be highly motivated and possess strong, hands-on, technical knowledge of a wide range of information security and business continuity controls and the processes used for evaluating their design and effectiveness.
You should also possess strong written and verbal communication skills including ability to communicate clearly and concisely to various levels, up to and including executive level management, and explain the need for key controls to technical and non-technical resources.
Technical skills include the domains of information security and business continuity including:
• Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.)
• IT Compliance, SOX Compliance
• Change Management
• Enterprise Risk Management
• Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards
• Previous information technology/security audit/assessment experience preferred.
• Ability to leverage attention to detail and analytical skills,
• Ability to multi-task and work both independently as well as part of an assessment team
• Ability to plan, execute and document assessment activities following established processes and procedures
• Minimally, CISSP and/or CISA certifications are required as well as five to ten years experience in information security or business continuity
• Must be able to travel up to 50%
SOX,NIST,COBIT,CISSP,CISA,Information Security,Cyber Security,Risk Management,RMF,Risk Assessment,Compliance,PCI,Access Management,Physical Security,Application Security
Installations (Computer Systems)