Certificate of Cloud Security Knowledge (CCSK) Job
Company Name: Unisys
Contact Person: Lokesh A
Excellent Opportunity for SeniorRisk\Information Security Analyst on Contract to hire role for Unisys.
Education and Qualifications.
A Bachelors Degree or equivalent from a reputed institute
ISO/IEC 27001, ISO 22301, ISO 31000, certified(Preferred), Understanding SSAE 18 SOC 1 & SOC 2 controls preferred)
Have working knowledge on vendor evaluation with current or previous employers/s
Excellent verbal and written communication skills
Expert in MS-Word, MS-Excel, MS-Powerpoint
Have knowledge of technical domains such as Windows, Unix/Linux, Database, Network, Backup and Storage, Application, Cloud platforms, licensing software
Understanding of Data Privacy controls, GDPR, Privacy Shield, governing laws and regulations
Working knowledge of MS-Project, Power BI tools
The candidate should have 8-10 years of work experience in Information Security with at least 3 - 5 years in the relevant domain of managing TPRM and vendor risk assessment. Should have understanding of vendor risk management solutions and tools.
The candidate will be responsible for the following:
Understand the existing in context to Unisys as an organization and the relationship between Office of the CISO, Data Privacy Office and Procurement
Have a good understanding on Supply Chain Management in relation to existing TPRM program of Unisys
Required to have working knowledge on Vendor Risk Management or TPRM with
Have adequate knowledge of available resources, tools, training materials to be used for performing day-to-day tasks
Ability to comprehend vendor services and contextualize the same against vendor classification or risk tiering
Perform day-to-day actions which will include, but not limited to, review risk tiering/classification, create and send questionnaire based on level of due-diligence, evaluate vendor responses, seek additional information from vendors, issue creation and review remediation plans, provide outcome against decision-matrix
Ability to comprehend and analyze responses relating to data privacy, information security, business continuity, fourth party and subcontracting, cloud security
Able to support and assist team members and the function with research and designated TPRM related project assignments, process improvements and automation opportunities
Analytical abilities to review data points and metrics and be able to produce dashboards and reports for team and Leadership consumption
Be able to support internal audit team towards validation checks, perform remote or on-site vendor assessments and assist with external audit requirements around TPRM
Act as a TPRM Case Manager to provide oversight and end-to-end liaison between fellow members and analysts towards timely closure and/or escalation for vendor evaluation
Work with Senior leaders in the company in legal, Procurement, Privacy, Service lines and regional leadership.