3rd Party Risk Analyst
: Job Details :

Required Skills & Experience

• Bachelor's degree in information technology or other related field experience.
• Experience in audit roles or a related control function - relevant certification or industry accreditation (e.g., CPA, CFA, CIA) encouraged.
• Working knowledge of ITSM/ITAM, regulatory compliance (SOX, PCI DSS, GDPR/PII and HIPAA) and cybersecurity principles.
• Strong proficiency in basic PC applications (Excel, Word, PowerPoint) with a general understanding of simple data analysis techniques like VLOOKUP, Pivot Tables etc.
• Excellent critical thinking and problem-solving skills with the ability to learn both the Client and industry standards (NIST 800-171, NIST 800-871)
• Strong written and oral communication skills, PC skills, team building skills and the ability to work independently.

What You Will Be Doing

• Primary responsibilities include conducting regular reviews on access rights of users and working with management to design and/or revise system user roles to align with user's roles and responsibilities.
• Facilitate user access reviews for a variety of systems including on-prem servers (Windows & Linux), databases, applications, cloud resources, etc. manually or using automated access review tools.
• Familiarity or willingness to learn IGA tools such as SailPoint IdentityNow, Sonrai Security.
• Prepare and scope reviews, while meeting with stakeholders to develop an understanding of the business and technology and identifying the key risks and controls to be assessed.
• Participate in meetings with process and control owners to ensure enterprise level access controls are properly created to address any access related risks identified by management.
• Facilitate and track audit remediation activities with stakeholders to completion.
• Work with internal auditors and regulatory examiners to collect and prepare requested documents and consulting with stakeholders on remediation efforts.
• Perform special projects related to cybersecurity as assigned by management.
• Assess the effectiveness of controls to mitigate identified risks and offer solutions for process improvements related to audit remediation efforts.
• Analyze material risks as they relate to the Client's priorities and overall strategy by monitoring internal and external factors and applying key business initiatives.