Job
Description
Developing detailed understanding of security standards, policies and associated processes as it pertains to third party risk management
1.5-3 years of experience in Risk and Compliance domain.
Driving collaboration between cross-functional stakeholders and facilitating strong partnership with Fiserv Business Units
Responsible for conducting third-party risk assessment in line with security standards, practices encompassing people, process and technology controls
Proficient in reviewing documentation including but not limited to security policies, processes, SOPs, third party audit/assurance reports including SOC 2, PCI AOC/ROC/ROV/SAQ, ISAE, ISMS, penetration testing, vulnerability scanning reports to identify gaps/exceptions
Responsible for monitoring, tracking risks through closure by collaborating with multiple constituents including internal and external stakeholders; ensuring auditable results are maintained throughout the engagement
Ensure accurate and timely review; responsible for well-written observations, and walking stakeholders through the process lifecycle as needed
Maintain and create repository and data sheets for cyber events and vendor engagements records
Establish trust and credibility with key partners; develop and foster constructive professional relationships with multiple stakeholders including but not limited to executive and line management, security officers, risk contacts, third-party contacts
Work on cyber events, liaison with business stakeholders and follow-up with vendors