Remote Vendor Risk Consultant Job in San Francisco Bay SecurityScorecard

Who you are

• 5+ years of professional cybersecurity consulting experience, or similar
• Outstanding communication skills, and the ability to explain complex cybersecurity and vendor risk management concepts to non-technical audiences
• Strong understanding of cybersecurity concepts, technologies, and best practices
• Data analysis skills, using Microsoft Excel or similar, and common scripting languages, such as Python, to analyze complex data and provide trends and patterns
• Demonstrated ability to manage multiple client accounts simultaneously, prioritize tasks, and meet deadlines
• Work independently and collaboratively in a fast-paced, dynamic environment
• At least one certification in the following list is desired: CEH, GSLC, GCPM, GSTRT, GCCC, GSNA, CISSP, CISM, CISA or CRISC
• Experience conducting cybersecurity assessments and audits is desired
• Previous experience in vendor risk management is desired, but not required

What the job involves

• Conduct risk assessments of customers’ potential and existing vendors to identify and mitigate potential risks
• Monitor and track vendor risk profiles and regularly report on potential and existing risks to customers and vendors
• Stay informed about current security threats and industry standards to continuously improve vendor risk management strategies
• Develop and maintain strong relationships with vendors to ensure ongoing compliance with security requirements
• Develop and maintain strong relationships with customers to help them understand the risks posed by their vendors
• Continuously assess the effectiveness of our customers’ vendor risk management programs, and provide advice and guidance on how to enhance the effectiveness
• Assess new and emerging cybersecurity findings identified by SecurityScorecard, and provide analysis and insight to vendors on how these impact their cybersecurity posture and how to mitigate and remediate these findings