For immediate consideration, please connect with me on LinkedIn at https://www.linkedin.com/in/dpotapenko and then email your resume, work authorization status, current location, availability, and compensation expectations directly to denis.potapenko@systemone.com - make sure to include the exact job title and job location in your email message.

*** Contract position for 6 month;

*** The job is on-site with a hybrid work schedule. Fully remote work is not an option. Candidates must be local or willing to relocate within commuting distance of Pittsburgh PA, Cleveland OH, Birmingham AL, Dallas TX, Phoenix AZ

IT Security Specialist :

- Work in Third Party Security Assurance (TPSA) team within the Policy, Governance, and Assessments department of the corporate Enterprise Information Security organization.
- Conduct third-party security risk assessments across corporate's technology supplier portfolio.
- Manage multiple assessments independently, including: Reviewing Due Diligence Questionnaires, Creating unique agendas for remote interviews, Conducting remote assessment interviews, Creating remediations
- Coordinate extensively with internal third-party resources and external suppliers.
- Validate the implementation and operational effectiveness of security and technology controls at third-party suppliers.
- Elevate issues, delays, and obstacles to keep assessment lifecycles on track.
- Consult on defining third-party security policies and best practices.
- Educate stakeholders on third-party security requirements.
- Contribute to the continuous improvement of the third-party security assurance program.
- Assist with testing releases of the corporate TPSA platform.

Required Qualifications :

- Bachelor's Degree in a relevant field (e.g., Computer Science, Information Technology, Cybersecurity)
- Minimum 3 years of directly related experience in IT security or risk management
- Solid understanding of security concepts, controls, and industry frameworks including: NISTCybersecurity Framework, FFIEC Cybersecurity Assessment Tool, CRI Profile
- Strong understanding of mitigation methodologies and regulatory requirements related to information security, privacy, and data security
- Experience with supporting toolsets, including: Microsoft SharePoint, Atlassian Jira, Atlassian Confluence, Tableau
- One or more of the following certifications: Certificate of Cloud Security Knowledge (CCSK), Certificate of Cloud Auditing Knowledge (CCAK), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), etc
- Proficiency using Third Party platforms such as RSA Archer and/or KY3P (Know Your Third Party)
- Experience working in Third Party Risk Management

For immediate consideration, please connect with me on LinkedIn at https://www.linkedin.com/in/dpotapenko and then email your resume, work authorization status, current location, availability, and compensation expectations directly to denis.potapenko@systemone.com - make sure to include the exact job title and job location in your email message.

PNC Beeline VMS# 137824-1

#M1