Security Consultant @ AVENGA
Supporting the Client in a Third Party Risk Management (TPRM) process, performing Vendor Risk Assessments. Estimated length: 2 years
Required experience:
- conducting risk assessments (ideally of third-party vendors) against security standards, such as ISO 27001 and NIST
- Understanding of the concepts of cyber security controls in IT areas (e.g. access management, application security)
- Knowledge of security assessments methodology
- Analyzing and evaluating security controls and documentation policies (evidence)
- Recommending mitigation actions related to identified risks
- Reporting and communicating identified risks to stakeholders
- Monitoring of status of implementation of mitigation actions and support
Education and skills:
- 2+ years of experience in security assessments and cyber risk management (ideally including TPRM)
- Communication skills
- Good self-organization
- English skills in writing and speaking
- Analytical and problem-solving skills
- Practical understanding of IT security standards such as ISO 27001, NIST, OWASP
- Bachelor's degree with professional certification in Cybersecurity, IT or a related field
- Certifications such as CISA, CISSP, CISM as a plus
Responsibilities:
- conducting risk assessments of third-party vendors to identify potential security threats and vulnerabilities
- conducting Cloud assessments, conducting audits
- analysing and evaluating vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
- developing and implementing risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
- communicating assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams
- monitoring and tracking vendor compliance with security policies and procedures through ongoing assessment activities
Requirements: TPRM, Security, IT Security Standards, ISO27001, NIST, OWASP, CISA, CISSP, CISM
Additionally: Sport subscription, Private healthcare, Flat structure, Small teams, International projects, Multisport, LuxMED, Integration events.