SKILLS THAT WILL HELP:

• Understanding of network security threats, industry framework controls (CIS and NIST), and BAC Policies and Standards framework
• Experience with information security, cloud, business continuity, data transmission, encryption, privacy domains
• Experience supporting regulatory or sector policies
• Experience with assessments based on relevant threat intelligence (Pen Testing, Red Teaming)
• Ability to work with technical and non-technical business owners

ROLE DESCRIPTION:

The Third-Party Remediation Assessor is responsible for executing information security assessment remediation with the bank’s third parties. In this role, you will manage the third party’s progress throughout the remediation lifecycle, as you work to address their information security gaps.

RESPONSIBILITIES:

You will be expected to maintain clear and consistent communication between the bank, the vendor, and the LOB vendor management community regarding the assessment’s status, updates, completion, and any escalations that may be required.
Previous information technology/security audit/assessment experience is preferred. Great attention to detail, analytical skills, ability to multi-task, and ability to work both independently as well as part of a due diligence team are also required. Must be able to plan, execute and document assessment remediation activities following established processes and procedures.
Extensive number of years’ experience in information security required. CISSP, CRISC, or CISA recommended.