Previous Job
Previous
Senior Security Analyst : 20-00037
Ref No.: 20-00037
Category: Networking ,Systems, Security & DevOps Engineering
Location: Draper, Utah
Primary Skills: Security Analyst, Vendor Security, Information Security, Exp. in contracts and negotiating information security/privacy contract
Duration: 6+ Months
Contract Type: W2 Only


Location: Draper, UT or San Jose, CA
 
Responsibility / Job Description: 
The Vendor Security Assessor position is responsible for supporting Client’s Global Vendor Security program. This individual will be working directly with business and technology leaders to understand vendor security issues and risks; overseeing vendor security assessment efforts; prioritizing vendor security assessment activities, and negotiations involving contract terms related to Information Security Requirements.
We are looking for someone with security, communication, negotiation, and writing skills, experience with Information Security and Risk Management practices and principles. The successful candidate will also have an understanding of information protection requirements and solutions as well as the threats and challenges impacting the protection of information across an extended global enterprise. 

Job Responsibilities:
  • Work with client business and technology partners to evaluate information security risks related to strategic vendors and partners.
  • Communicate vendor security risks to business leaders to ensure a clear understanding of these risks.
  • Negotiate Information Security contract requirements with Legal, Procurement, and Vendors/Partners.
  • Conduct information security program reviews of vendors to evaluate any critical risks.
  • Establish and prioritize vendor security assessment activities.
  • Negotiate remediation of security issues with vendors and third parties.
  • Communicate and present key vendor security initiatives, practices, and issues to business units.
  • Must be able to interface and coordinate work efficiently and effectively with business colleagues and vendors in global locations and time zones.
Mandatory Skills:
  • Strong communication and negotiation skills.
  • Strong writing skills with experience writing legal contract information security requirements preferred.
  • Self-starter with the ability to manage multiple tasks concurrently.
  • Ability to communicate effectively with technical staff, business owners, and leadership.
  • 3+ years of experience in Information Security Risk functions within the vendor risk management area.
  • 1+ year’s experience reviewing contracts and negotiating information security/privacy contract terms.
  • Experience using vendor cybersecurity scorecard platforms (BitSight, RiskRecon, SecurityScorecard, etc.) is strongly preferred.
  • Strong analytical, organizational and decision-making skills.
    To follow up with any questions, please contact Dipak at 408-907-3213
 
Akraya is an award-winning IT staffing firm and the staffing partner of choice for many leading companies across the US. We offer comprehensive benefits including Health Insurance (medical, dental, and vision), Cafeteria Plan (HSA, FSA, and dependent care), 401(k) (enrollment subject to eligibility), and Sick Pay (varies based on city and state laws).

If this position is not quite what you're looking for, visit akraya.com and submit a copy of your resume. We will get to work finding you a job that is a better fit at one of our many amazing clients.
 
Akraya is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. Akraya is an equal opportunity employer; committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.