More jobs:
Senior Vendor Risk Analyst
Job in
San Francisco, San Francisco County, California, 94199, USA
Listed on 2026-01-01
Listing for:
Direct Staffing Inc
Full Time
position Listed on 2026-01-01
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Perform assessments on-site at vendor locations or remotely via conference calls.
Assess completed questionnaires and supporting documentation to validate vendor appropriate implementation of information security controls; analyze the information to identify information security weaknesses or non-compliance with industry standards.
Produce detailed documentation of assessments and perform threat analysis of gaps identified.
Communicate vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
Validate evidence from vendors before Remediation Plans are closed.
Escalate issues associated with vendors as needed to management.
Qualifications
Demonstrate in-depth knowledge of concepts, best practices and controls in a breadth of information security areas / domains; these information security areas include risk management, access control, cryptography, physical security, security architecture and design, network security, application & operations security and compliance / incident management.
Strong technical and / or IT audit background and practical knowledge of a wide variety of technologies which include server infrastructure & operating systems, network & web infrastructures, database architecture and intrusion detection / prevention systems.
Proficient working knowledge within the following risk domains / technologies :
Database and application security, IDS / IPS technologies, System / Access Administration, Firewall technologies, Network Architecture, Security Event Logging & Monitoring, Key Management / Tokenization, Database / Application / Network Layer Secure Protocols, Physical and Environmental Security, Secure Software / Code Development, Change Management, Vulnerability Management.
Self-starter with the ability to manage and prioritize responsibilities through the effective use of time management techniques.
Team player with proven skills in influencing people without having direct management authority and motivating them to successfully complete tasks within required timelines.
Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person.
Strong risk analysis and problem-solving skills.
Must be flexible to ensure assessments are performed by the mandated date and be able to manage multiple assessments simultaneously.
Additional Experience / Requirements
Experience that is considered a strong plus : performing information security assessments; providing information security guidance to business stakeholders; interpreting and applying information security policy and standards.
IT Risk Management / Audit industry certification (such as CISSP, CISA, CRISC, etc.) preferred.
Additional Information
All your information will be kept confidential according to EEO guidelines.
Direct Staffing Inc.
JLjbffr
Create a job alert for this search
Senior Risk Analyst
• San Francisco, CA, US
#JLjbffr
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×