Responsibilities:
· The vendor risk management program is responsible for analyzing the effects of outsourcing on the enterprise’s security posture. As required, this role will identify and develop mitigating security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. You will work across business units and technology areas in assessing third party solutions/integrations.
- Responsibilities ranging from interfacing with third-party suppliers and internal employees to determine our supplier’s security posture, responding to and reviewing security questionnaires.
- Assist with technical risk assessments. Responsibilities ranging from documenting systems, identifying technical security risks and mitigating controls and remediation management.
Track identified findings of non-compliance with Palo Alto Networks’ standards to remediation or to an acceptable level of risk.
Provide accurate and up-to-date security metrics to senior management.
Basic Qualifications:
· 3-5 years of experience in Information Security Risk Management
· Experience in assessing risk associated to third party solutions/integrations, especially cloud providers.
· Foundational knowledge of common security control frameworks, e.g., ISO, NIST, CIS Controls
Foundational knowledge of security domains with a broad range of technical concepts: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy.
· Strong ability to analyze multiple data points and problem-solve to reach a well-reasoned solution
· Strong oral and written communication skills
· Team first and positive “can-do” attitude in a fast-paced, high-demand environment.