Third-Party Risk Management (TPRM) - Hybrid

Qualifications:

(FS and NFS TPRM)
Bachelor’s Degree is required
For Seniors, at least 3-7+ years of demonstrated experience in Information Security and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures)
For Staff, at least 6 mos -1+ year exp in Information Security
Strong understanding of the Third-Party Risk Management framework
Demonstrate a good understanding of the Contract Risk Review management process
Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Archer, ServiceNow, etc.)
Experienced in Information Security Assessments and Control Assessments
Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc.
Good knowledge of privacy regulations such as GDPR, CCPA, etc.
Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.
Good knowledge of incident management, disaster recovery, and business continuity management, cryptography
Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management
Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review.
Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.).
Good experience in LAN/WAN architectures and reviews.