Position- Senior Third party risk and controls management Engineer
Duration-W2 Only
Location- Plano, TX (Last option is Washington, DC)/Hybrid
JD
Must have : Tech Expertise in Cyber Security, Cloud Security and IAM
Must Have: Cloud Security, Third Party Risk, Gap analysis and risk assessments, Operational/Data Risk, Application Controls, App Security, App Development with Secure code and Static Code.
- IAM/PAM and Penetration Testing is a huge Plus
Certifications: SANS, Security+ (Plus), CISSP or similar
Job Description
Strong working knowledge of operations practices, risk management processes, principles, architectural requirements and threats and vulnerabilities in the context of Cybersecurity as well as incident response handling methodologies as they apply.
Strong knowledge of and international laws, regulations, policies and ethics as they relate to Cybersecurity and specifically in the financial industry.
Expert in their field; keeps technical skills current, participates in multiple forums
May be multiskilled across the full range of team functions.
Strong understanding of Agile, with the ability to work under at least one of the common frameworks.
Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues.
Provides indepth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation with skill in using network analysis tools.
Compliance required for local, country, and/or region specific standards for credentials, certifications and/or training.
Additional Skills
Cloud security, identify and access management, third party risk management, vulnerability management.
Roles And Responsibilities
The third party risk and controls management analyst will be responsible for conducting deep dive technical risk reviews of client's highest risk suppliers.
Working across multiple systems of record, this role will identify areas of technical risk to the business by analyzing IT architectures, security controls, evolving industry practices, etc. and document where controls do not exist or need improvement.
These technical deepdive reviews will then been evaluated against technical and business resilience planning, incident response plans, and cyber intelligence reporting.
Regards,
Pallavi Verma
Sr. Technical Recruiter | Syntricate Technologies Inc.
Direct : (phone number removed) |
Email : | Web:
We're hiring! connect with us on and visit our
Minority Business Enterprise (MBE) Certified | E-Verified Corporation | Equal Employment Opportunity (EEO) Employer
This e-mail message may contain confidential or legally privileged information and is intended only for the use of the intended recipient(s). Any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is prohibited. Please notify the sender immediately by email if you have received this email by mistake and delete this e-mail from your system. You have received this email as we have your email address shared by you or from one of our data sources or from our member(s) or subscriber(s) list. If you do not want to receive any further emails or updates, please reply and request to .