 
 
iCapital Network // fintech platform for alternative investment solutions
 
Princeton, New Jersey, United States    Posted: Sunday, January 17, 2021
 
   
 
 
 
JOB DETAILS
 

The Information Security Vendor Risk Associate at iCapital Network evaluates third-party vendors to determine if their information security programs are adequate to protect iCapital information. The vendor risk process includes reviewing due diligence questionnaire answers, SOC reports, & policies to determine an overall risk posture. Once a vendor is approved, the Vendor Risk Associate will track identified deficiencies in their program to remediation. The Associate will also assist in setting the control standards that vendors must meet.

Due to COVID-19, this role will be remote until further notice. The location of the role will be based in Princeton, NJ once we reopen.  

Responsibilities

  • Perform third party vendor security assessment activities including evaluation of vendor controls & practices, process enhancements, & reviewing independent audit service reports
  • Communicate & track remediation plans with third party vendors, business & technology partners &, where applicable, recommend mitigating/compensating controls
  • Prepare & review third party due diligence reports for management
  • Continuously monitor third party vendors' security posture & information security risk
  • Assess the appropriateness & effectiveness of security measures & recommend enhancements
  • Perform information security risk assessments on identified technology issues raised by technology & business partners, as needed
  • Advise & guide business & technology partners regarding compensating control alternatives where security requirements cannot be met, as needed

Candidate Profile

  • 3+ years of experience in an information security role with a focus in IT compliance, IT controls or risk management
  • A bachelor's degree in Computer Science or Technology/Information Security related field
  • Understanding of ISO-27000 or NIST 800 based security program standards
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified in Risk & Information Systems Controls (CRISC) is a plus
  • Knowledge of relevant legal & regulatory requirements, as well as privacy laws
  • Knowledge of infrastructure, key processes, & technology-oriented risk issues, specifically around security & privacy
  • Knowledge of security risks pertaining to cloud (IaaS, SaaS, AaaS) offerings
  • A quick learner with a desire to always learn, combined with the ability to multi-task

iCapital Network is proud to be an Equal Employment Opportunity & Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

 
 
 
 
 
 
 
 
© 2021 GarysGuide