• Third Party and Vendor Risk Management Consultant

    Job Locations US-FL-Sunrise
    Posted Date 3 weeks ago(9/28/2018 5:48 PM)
    ID
    2018-1435
    # of Openings
    1
    Category
    Data Privacy
  • Overview

    Focal Point Data Risk is a new type of risk management firm, one that delivers a unified approach to addressing data risk through a unique combination of service offerings. Focal Point has brought together industry-leading expertise in cyber security, identity governance and access management, data privacy and analytics, internal audit, and hands-on training services, giving companies everything they need to plan and develop effective risk and security programs. By integrating these services, we provide our clients with the flexible support they need to protect and leverage data across any part of their organization. Simply put, Focal Point is the next generation of risk management.

     

    Our Privacy team has developed and implemented data privacy and information security programs for some of the nation’s largest and most complex organizations. Our clients represent industries in both the public and private sectors, including government agencies, domestic and global technology firms, global retail chains, financial services firms, and healthcare organizations. The Third Party and Vendor Risk Management Consultant is responsible for performing third-party due diligence vendor privacy and security reviews and assessments. He/she will be given the opportunity of a broad variety of solutions for our clients, such as designing and implementing third party and vendor governance and risk management programs.

     

    He/she works on-site and off-site to evaluate client third party and vendor compliance with common industry standards and regulations. The Third Party and Vendor Risk Management Consultant must have working knowledge of information security controls, frameworks and standards, and federal and state privacy rules and regulations.  He/she assists with drafting deliverables, frequently interacts with client personnel, and is expected to be active participant in client-focused project teams.

    Responsibilities

    • Focus on third-party due diligence responses as well as third-party due diligence vendor privacy and security reviews and assessments.
    • Perform due diligence process, including customize third party and vendor risk management questionnaires, follow up/validate responses with third parties and vendors and perform the assessments on assigned third parties.
    • Collaborate with clients to assist them in effectively managing their risks related to identification of potential risks in business processes, applications, systems, associated with third party engagements.
    • Conducts project related privacy and security risk assessments and privacy and security audits.
    • Interacts effectively with co-workers and clients at all levels, as to foster and maintain strong working relationships.
    • Performs other duties as assigned by management.

    Qualifications

    Experience:

    • 2+ years working in a consulting role as a Data Privacy or Third Party and Vendor Risk Management consultant or related field experience (e.g. IT Audit)
    • Experience with third party party/vendor risk management assessments.
    • Experience interpreting international, federal and state privacy regulations.
    • Working with technical, security controls and operational risk tolerance.
    • Experience performing privacy and/or security gap assessments.

     

    Technical Skills:

    • Knowledge of the international, federal and state rules, regulations, and guidance related to security and privacy including but not limited to ISO, HIPAA, GLBA, GDPR, and NIST
    • Intermediate to Advanced Microsoft Office Suite (i.e., Word, Excel, PowerPoint).

     

    Education:

    • A Bachelor's Degree in information systems, computer science or a related field.
    • Obtained or working towards Certified Information Privacy Professional (CIPP) certification
    • Obtained or working towards obtain Certified Information Systems Auditor (CISA)

     

    Travel Required: Regional and international travel, as needed, up to 35%

     

     

    Benefits: Medical, Dental, Vision, 401K, generous PTO and some other great perks!  

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    Focal Point is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.  If you’d like to view a copy of the company’s affirmative action plan or policy statement, please email hr@focal-point.com.  If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Chelsea Campbell at 813-402-1208 or recruiting@focal-point.comThis telephone line and email address is reserved solely for job seekers with disabilities requesting accessibility assistance or an accommodation in the job application process. Please do not call about the status of your job application if you do not require accessibility assistance or an accommodation. Messages left for other purposes, such as following up on an application or non-disability related technical issues, will not receive a response.

     

     

     

     

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed