Sr. Third Party Risk & Control Analyst

Role: Senior Third party risk and controls management analyst

Location: Plano, TX (Hybrid 3 days in office)

Duration: 6.12 Contract to Hire - W2 Employment

USC/GC only

W2 only - No C2C

Must Have: Cloud Security, Third Party Risk, Gap analysis and risk assessments, Operational/Data Risk, Application Controls, App Security, App Development with Secure code and Static Code.

-IAM/PAM and Penetration Testing is a huge Plus

Certifications: SANS, Security+ (Plus), CISSP or similar

Job Description:Strong working knowledge of operations practices, risk management processes, principles, architectural requirements and threats and vulnerabilities in the context of Cybersecurity as well as incident response handling methodologies as they apply.

Strong knowledge of national and international laws, regulations, policies and ethics as they relate to Cybersecurity and specifically in the financial industry.

Expert in their field; keeps technical skills current, participates in multiple forums

May be multiskilled across the full range of team functions.

Strong understanding of Agile, with the ability to work under at least one of the common frameworks.

Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues.

Provides indepth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation with skill in using network analysis tools.

Compliance required for local, country, and/or region specific standards for credentials, certifications and/or training.

Additional Skills:Cloud security, identify and access management, third party risk management, vulnerability management.

Roles and Responsibilities:The third party risk and controls management analyst will be responsible for conducting deep dive technical risk reviews of client’s highest risk suppliers.

Working across multiple systems of record, this role will identify areas of technical risk to the business by analyzing IT architectures, security controls, evolving industry practices, etc. and document where controls do not exist or need improvement.

These technical deepdive reviews will then been evaluated against technical and business resilience planning, incident response plans, and cyber intelligence reporting.

Pay Range: $65 - $70/hour on W2

The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision as well as 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work.