Responsibilities:
- Review contracts, Master Service Agreements, Business Associate Agreements, Request for Proposals (RFP), Statements of Work (SOW), to determine compliance with policies
- On all non-standard contracts, provide redlined recommendations and often work directly with attorneys or purchasing staff until consensus has been reached
- Provide input to management and assess contractual risk
- Provide input to the development of contracts and commercial policies and processes
- Provide guidance on contract matters to project managers or other operational staff, including training to new project managers and other employees in contracting practices and procedures
- Build relationships cross-functionally and globally with risk stewards, internal stakeholders, and third parties
- Promote a risk-aware culture, with effective risk and compliance management practices
- Strong interpersonal, written, and oral communication skills
- Ability to effectively communicate to all levels of the organization, including senior management, business stakeholders and third parties
- Ensure that risks are promptly and clearly articulated, and escalated appropriately
- Support projects that help improve the assessment process and support our overall third party risk management strategy
- Communicate with management regarding project obstacles and take ownership of their resolution to continue progress towards deliverables and timelines
Required Qualifications:
- 5-7 years of Information Technology experience with a focus on Information Security
- Familiarity with current information security technologies and past experience in multiple of the following domain areas: Identity and Access Management, Application Security, Infrastructure Security, System & Data Security, Physical and Environmental Security, Business Continuity/Disaster Recover, and Regulatory/Standard Compliance
- Familiarity with industry frameworks and standards such as SSAE18, PCI, and ISO 27001/27002
- Bachelor’s degree in Computer Science or related field
Preferred Qualifications:
- Information Security (CISSP, CISA, Security +) certification
- Proficiency in Microsoft Office Suite (especially PowerPoint and Excel) and Microsoft Project