What you’ll be doing...
This position will be part of the Corporate Information Security Team focused on supplier security assurance programs and processes. Specifically, this role will work within the Supplier Risk Management program to drive supplier security assurance throughout the various phases of the supplier lifecycle, from onboarding through termination, and with the end goal of risk reduction.
This role is responsible for participating in a cross-functional program to identify, characterize and lower supplier information security risk to Verizon. These responsibilities will include:
- Evaluating supplier security practices in order to gauge maturity and ability to securely manage the IT assets and data entrusted to them.
- Collecting Key Risk Indicator supplier data and conducting framework-based risk analysis.
- Identifying security concerns where supplier security programs do not meet Verizon requirements and/or put the Company at risk.
- Working with the Business to address security concerns by driving supplier gap remediation in a timely manner.
- Providing risk-based guidance to supplier business sponsors to garner their full understanding, support and acceptance of the risks involved in doing business with each supplier.
- Working effectively cross-functionally with multiple risk-related teams such Sourcing, Legal, Finance, Compliance and other security teams.
- Participating in the negotiation of supplier contracts with regard to security requirements and articulating risk to supplier business sponsors where suppliers are not agreeing to those terms.
- Perform administrative functions to ensure the prompt and accurate tracking and documenting of supplier risk evaluations, remediation activities and processes.
What we’re looking for...
You'll need to have:
- Bachelor’s degree or four or more years of work experience.
- Three or more years of relevant work experience.
- Technical related experience and business operations experience.
- Experience in Information Security, Technology or Technical Risk Analysis.
Even better if you have:
- Bachelor’s degree in Information Systems, Technology or related field.
- Certifications: CISSP, CISA, CISM or willingness to obtain within 9 months.
- Demonstrated understanding of cyber security risk management concepts, cybersecurity frameworks, control standards, secure coding principles, and security technologies.
- Knowledge of information security fundamentals, best practices and industry standards with prior responsibilities of protecting information assets.
- Experience with ISO 27001-2, NIST 800-53, or other controls standards.
- Demonstrated ability to effectively communicate with Legal attorneys and other supporting business groups.
- Experience effectively utilizing analytic tools, such as Archer.
- Excellent written and verbal communication skills.
- Excellent documentation and organizational skills.
When you join Verizon...
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer- and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Click here for more info: http://www.verizon.com/about/work/jobs/2410116-risk-analyst-supplier-security-assurance
• Post ID: 158595052 newyork