Job Information
System One IT Security Specialist - Third Party Security Assurance in Pittsburgh, Pennsylvania
For immediate consideration, please connect with me on LinkedIn at https://www.linkedin.com/in/dpotapenko and then email your resume, work authorization status, current location, availability, and compensation expectations directly to denis.potapenko@systemone.com - make sure to include the exact job title and job location in your email message.
* Contract position for 6 month;
* The job is on-site with a hybrid work schedule. Fully remote work is not an option. Candidates must be local or willing to relocate within commuting distance of Pittsburgh PA, Cleveland OH, Birmingham AL, Dallas TX, Phoenix AZ
IT Security Specialist :
Work in Third Party Security Assurance (TPSA) team within the Policy, Governance, and Assessments department of the corporate Enterprise Information Security organization.
Conduct third-party security risk assessments across corporate’s technology supplier portfolio.
Manage multiple assessments independently, including: Reviewing Due Diligence Questionnaires, Creating unique agendas for remote interviews, Conducting remote assessment interviews, Creating remediations
Coordinate extensively with internal third-party resources and external suppliers.
Validate the implementation and operational effectiveness of security and technology controls at third-party suppliers.
Elevate issues, delays, and obstacles to keep assessment lifecycles on track.
Consult on defining third-party security policies and best practices.
Educate stakeholders on third-party security requirements.
Contribute to the continuous improvement of the third-party security assurance program.
Assist with testing releases of the corporate TPSA platform.
Required Qualifications :
Bachelor's Degree in a relevant field (e.g., Computer Science, Information Technology, Cybersecurity)
Minimum 3 years of directly related experience in IT security or risk management
Solid understanding of security concepts, controls, and industry frameworks including: NISTCybersecurity Framework, FFIEC Cybersecurity Assessment Tool, CRI Profile
Strong understanding of mitigation methodologies and regulatory requirements related to information security, privacy, and data security
Experience with supporting toolsets, including: Microsoft SharePoint, Atlassian Jira, Atlassian Confluence, Tableau
One or more of the following certifications: Certificate of Cloud Security Knowledge (CCSK), Certificate of Cloud Auditing Knowledge (CCAK), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), etc
Proficiency using Third Party platforms such as RSA Archer and/or KY3P (Know Your Third Party)
Experience working in Third Party Risk Management
For immediate consideration, please connect with me on LinkedIn at https://www.linkedin.com/in/dpotapenko and then email your resume, work authorization status, current location, availability, and compensation expectations directly to denis.potapenko@systemone.com - make sure to include the exact job title and job location in your email message.
PNC Beeline VMS# 137824-1
#M1
System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.