Third Party Information Security Risk Assessor, AT
New York, NY
The Third-Party Information Security Risk Assessor is responsible for performing, coordinating and maintaining information security risk assessments for third party vendors that provide services to the Bank. This individual will also be involved in the issue management process and management of issues identified through these security risk assessments.
The Third Party Information Security Risk Assessor is tasked with:
- Assessing vendor security controls to ensure the vendors adequately protect customer information (non-public information) in their relationship with the Bank.
- Obtaining and reviewing supplier responses and supporting documentation to validate that suppliers have appropriately implemented information security controls.
- Analyzing the information to identify information security weaknesses or non-compliance with Apple Bank standards.
- Producing detailed documentation of assessments and performing threat analyses of gaps identified.
- Communicating vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
- Assessing cloud technologies such as Software as a Service (SaaS) hosted applications, Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) deployments.
- Providing leadership as an internal subject matter expert with respect to the vendor risks.
- College degree with a major in Computer Science, Information Systems Management or other related field, preferred.
- 7+ years of experience in Information Security Management, Information Systems, auditing or risk management. Experience in the Financial Services and/or banking industry preferred.
- Excellent communication and multitasking skills.
- Certifications such as CISM (Computer Information Security Manager), CISA (Computer Information System Auditor), CISSP (Computer Information Systems Security Professional) are desirable.
- Possess strong written and verbal communication skills including ability to communicate clearly and concisely to various levels, up to and including executive level management, and explain the need for key controls to technical and non-technical resources.
Apple Bank offers Medical/Dental, 401k and Tuition Reimbursement to full time employees.
We are an equal opportunity employer and do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, military and/or veteran status, or any other Federal or State legally-protected classes.