The 3 rd Party Security Risk Assessor, reporting to the Head of Cyber Security, will be performing security assessments of vendors, service providers and 3 rd party companies that manage systems or information.

• Review services provided by vendor and define scope of assessment based on SIG / AUP
• Perform security assessments or work with 3 rd party provider who will be performing the review
• Define appropriate risk levels and corrective actions
• Report on assessment outcomes, risk level and associated recommendations
• Input corrective action plans into system
• Follow up on corrective action plans and review evidence for closure
• Provide metrics on a regular basis (KPI / KRI)
• Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure.

• Bachelor of Computer Science degree from an accredited college or university, or equivalent work experience
• Minimum 5 years professional work experience, including a minimum of 2 years in an Information Security role or an IT Auditor role
• Strong written/verbal communication skills, and organizational and work documentation proficiency
• Good communicator with demonstrated ability to pass messages in a clear and concise manner
• Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict deadlines
• Ability to coordinate actions from several different teams
• Experience performing IT audits or IT security risk assessments
• CISSP, CISM or CISA certification