TPRM Consultant

Job Title: TPRM Consultant

Job Type: Contract

Location: Remote

Job Description:

Overview:

VDart Inc is seeking a highly experienced TPRM Consultant to join our team. As a TPRM Consultant, you will be responsible for evaluating third-party cybersecurity controls and ensuring they comply with our organization's standards and industry best practices.

Key Responsibilities:

• Evaluate Third-Party Cybersecurity Controls: Assess the cybersecurity controls of third-party vendors to ensure they meet our organization's standards and industry best practices.
• Track and Monitor Due Diligence Reviews: Track and monitor the status of each due diligence review and communicate the status with management and key stakeholders on a regular basis.
• Articulate Risks and Options for Remediation: Articulate risks and potential options for remediation or compensating controls to ensure our organization's risk is mitigated.
• Understand Inherent Risk Assessment: Understand the inherent risk assessment process and ensure it is aligned with our organization's risk management framework.
• Perform Security Assessments: Perform security assessments to identify security gaps and provide recommendations for remediation.
• Develop Mitigation Plans: Develop mitigation plans to address identified security gaps and ensure our organization's risk is mitigated.
• Work with Internal Stakeholders: Work with internal stakeholders to assign remediation tracking responsibility and ensure our organization's risk is mitigated.
• Provide Advisory and Consulting Services: Provide advisory and consulting services to clients on new trends and challenges in enterprise risk management.
• Design and Develop Information Security Policies: Design and develop information security policies, standards, and guidelines to ensure our organization's risk is mitigated.
• Experience with GRC Platforms: Experience with GRC platforms and ability to design and implement security controls, risk assessment frameworks, and programs that align with regulatory requirements.
• Coordinate and Negotiate Security Clauses: Coordinate and negotiate security clauses with procurement teams and suppliers to ensure our organization's risk is mitigated.
• Participate in Regulatory and IT Security Audits: Participate in internal and external regulatory and IT security audits to ensure our organization's risk is mitigated.
• Define Audit and Governance Mechanisms: Define audit and governance mechanisms for assets, processes, and physical security to ensure our organization's risk is mitigated.

Requirements:

• 7-8 Years of Experience: 7-8 years of progressive experience in information security consulting, third-party risk management, and auditing.
• Certifications: Certified in industry-accepted certifications such as CISA, CISM, CISSP, CRISC.
• Education: Bachelor's degree in computer science, information systems, or equivalent.
• Knowledge of Regulations: Knowledgeable in various regulations like SOX, HIPAA, GDPR, GLBA, FISMA and standards like PCI DSS, SOC (service organization's controls), ISO 31000.
• Strong Business and Communication Skills: Strong business and communication skills to drive meetings with stakeholders and provide advisory and consulting services to clients.

What We Offer:

VDart Inc offers a competitive salary and benefits package, as well as opportunities for professional growth and development.