Perform ongoing third-party cyber risk assessments to identify and evaluate business and technology risks associated with third parties and service providers
Provide recommendations to help clients manage cyber risks arising from third-party relationships
Assist in the selection and tailoring of third-party cyber risk management approaches, methods, and tools to support assessment delivery
Prepare periodic status updates, including potential risks and delays, for project managers and clients
Support engagement delivery by documenting findings and contributing to project execution against client requirements and timelines
Qualifications & Experience
3-5 years of experience in information security
Experience applying information security and risk frameworks or standards, including ISO 27001/2, National Institute of Standards and Technology 800 series, or Payment Card Industry Data Security Standard
Experience performing cyber risk, compliance risk, or regulatory risk assessments
Experience in one or more cyber risk domains, including security governance and management, application security controls, access controls, network security operations, security architectures, identity management, disaster recovery and business continuity, incident response, privacy and data protection, or encryption
Experience with internal controls, risk assessments, business process reviews, internal information technology control testing, or operational auditing
Experience preparing project status updates, including risks and delays, for project managers or clients
Bachelor’s or Master’s degree in information technology or a related field