Vendor Security Lead

5+ years experience performing vendor security risk analysis for new and existing vendors
3+ years of experience managing an effective Vendor Security program
Experience designing, managing, and building security programs and best practices
Familiarity with compliance frameworks (e.g. PCI, GDPR, SOC2, ISO27001)
Good understanding of various security domains
Strong sense of ownership and comfortable with autonomy and ambiguity
Great communicator who is comfortable leading meetings and audit type interviews with vendors
Bachelors level degree in Computer Science or cognitive discipline, or equivalent cyber security industry experience.

Perform vendor security assessments in order to minimize risk from third-party services
Maintain and improve vendor security program while working closely with Security, Legal, IT and other internal stakeholders
Ensure vendor security issues are identified, communicated, and remediated to an acceptable level of risk
Interface with other teams and take a leadership role in driving vendor security initiatives
Manage a team of contractors to deliver the vendor security assessments and have oversight over their Security assessment work
Conduct periodic reviews of the Vendor Security program to identify areas for improvement and automation and help ensure alignment with key business risks, regulatory requirements, and industry frameworks; revise program documentation as required and communicate program changes to key stakeholders to achieve buy-in
Drive accurate program metrics through timely updates and thorough documentation of each completed assessment and coaching team members on the same
Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements

No preferred qualifications provided.