Contracts Advisor – Risk and Information Security

» Contracts Advisor – Risk and Information Security
Legal
in Chicago
, IL
Reference: 19-02943

Responsibilities:

  • Review contracts, Master Service Agreements, Business Associate Agreements, Request for Proposals (RFP), Statements of Work (SOW), to determine compliance with policies
  • On all non-standard contracts, provide redlined recommendations and often work directly with attorneys or purchasing staff until consensus has been reached
  • Provide input to management and assess contractual risk
  • Provide input to the development of contracts and commercial policies and processes
  • Provide guidance on contract matters to project managers or other operational staff, including training to new project managers and other employees in contracting practices and procedures
  • Build relationships cross-functionally and globally with risk stewards, internal stakeholders, and third parties
  • Promote a risk-aware culture, with effective risk and compliance management practices
  • Strong interpersonal, written, and oral communication skills
  • Ability to effectively communicate to all levels of the organization, including senior management, business stakeholders and third parties
  • Ensure that risks are promptly and clearly articulated, and escalated appropriately
  • Support projects that help improve the assessment process and support our overall third party risk management strategy
  • Communicate with management regarding project obstacles and take ownership of their resolution to continue progress towards deliverables and timelines

Required Qualifications:

  • 5-7 years of Information Technology experience with a focus on Information Security
  • Familiarity with current information security technologies and past experience in multiple of the following domain areas: Identity and Access Management, Application Security, Infrastructure Security, System & Data Security, Physical and Environmental Security, Business Continuity/Disaster Recover, and Regulatory/Standard Compliance
  • Familiarity with industry frameworks and standards such as SSAE18, PCI, and ISO 27001/27002
  • Bachelor’s degree in Computer Science or related field

Preferred Qualifications:

  • Information Security (CISSP, CISA, Security +) certification
  • Proficiency in Microsoft Office Suite (especially PowerPoint and Excel) and Microsoft Project