|Date Posted||April 21, 2021|
Business Title: Consultant, Third Party Risk Management
Reports to: TPRM Sr. Analyst
Office Location: Remote/Jersey City, NJ
IPG is seeking a Third Party Risk Management Consultant- in Chief Information Security Office located in Jersey City, NJ. This individual will report to TRPM Sr. Analyst and partner with the business, corporate and agency IT teams to understand the services our agencies provide clients, the data they handle and risks associated with use of outsourced services and suppliers. This individual will make recommendations on how to mitigate any risks identified.
Job Responsibilities :
- Support Third Party Risk Management (TPRM) program in the following areas:
- Oversight and governance
- Policy and procedures
- Vendor inventory
- Risk ranking and assessment methodologies
- Issue management
- Automation and reporting
- Continuous monitoring
- Initiate information security risk assessments of new and existing suppliers based on risk scoring.
- Manage questionnaire based IT vendor risk assessments/due diligence reviews, specifically, identifying potential security risks, documenting findings and identifying practical risk reduction strategies.
- Leverage innate knowledge of technical security concepts including authentication, authorization, data security, application security, cloud services and secure architecture concepts to identify security gaps and convey the importance of security to businesses.
- Lead discussions around remediation activity and compensating controls to help manage risk. Influence remediation when necessary.
- Communicate and present risks and remediation activity in a clear manner to non-technical audiences.
- Review default security language for supplier contracts. Provide support when there is a request to redline/modify security contract language.
- Fill the role of Application Manager for our Governance Risk and Compliance application. Establish business requirements for new features and functionality. Work with the vendor to implement those enhancements.