Hi Hope you are doing well
I am Smith, working as a recruiter with Infotree Service Inc. I am currently working on “*Information Security Analyst(MDTJP00005946)*” position with *Medtronic* I will appreciate your response at the earliest, as the managers tend to move fast! *NOTE :* *SEND RESUMES WITH THESE DETAILS , Profiles with all mandatory details would be processed with TOP Priority* *Name (First & Last)* *Contact No.* *Email ID * *Current Location* *Willing to Relocate if need* *Work Visa Status*, *Expiry Date* *Availability * How soon can you join?* *Reason for change* *Are you fine with drug and background check?* *Skype ID* *Last 4 Digit SSN No.* *DOB(Day, Month)* *Higher Education, Year of Completion * *Job Title* *Information Security Analyst(MDTJP00005946)* *Project Location* *Mounds View, MN* *Duration* *7+ months /Contract* *Skills* *Job Summary:* *Information Security Analyst* will be part of an industry leading team of IT Governance, Risk and Compliance professionals. Main responsibilities will be to conduct and manage vendor security assessments and due-diligence reviews and to assess vendor compliance to the security controls outlined in business agreements, security or corporate policies, procedures, and regulations along with ability to map security controls and requirements. This individual will also act as a liaison to both the vendor and internal business teams on security controls design and management. Review vendor supplied policies and procedures, internal/external assessment reports, security technology information and agreements. The Candidate will provision assessment reports and executive summaries with recommendations and direction regarding remediation efforts and disposition of the third party. Communicate, escalate, and track vendor progress on assessment remediation activities. Understand information security risks that are inherent to a business and articulate those risks in business terms. Maintain current knowledge on information security topics and their applicable program requirements. *Job Function:* • Execute effective security risk assessments and coordinate with rest of the Global Privacy and Security Office (GPSO) team in delivering requited security requirements • Contribute continuous improvement to the methodologies and practices of the GPSO to attain higher capability maturity levels • Effectively manage third party security risk throughout the vendor life-cycle • Appropriately challenge and require high quality findings and issue definition from regional and local control owners • Provide support of policy / standards exceptions, report status to regional and local management, and advise on corrective actions • Maintain, manage and monitor regional and local compliance to the internal control frameworks such as the Security Policies and Standards, SOX, regulatory / legal and other obligations / requirements • Prepare stakeholder presentations for regional stakeholders and senior leadership • Provide insight on the deployment of security technology solutions at vendors, which may include technology for encryption, firewalls, authorization, authentication, intrusion detection, and gateway security controls. • Prepares status reports on security matters to analyze security risk and response of vendor security controls. Monitors and proactively recommends solutions for correcting issues related to security technology performance and capabilities of vendors. • Provides direct support to the business and IT staff for security-related issues, which may include off hour analysis of vendor security posture. • Determine and communicate security/privacy risk to partners and leaders as appropriate • Demonstrate strong knowledge of IT security controls, security risk and threats *Experience:* • Minimum 3 years professional experience, including 1 year working in area of ITGRC or controls function. • Prior experience in Audit, risk management, governance, IT security and / or compliance functions • Proven experience dealing with ambiguous situations, and producing a consistent result with varied input *Other Skills:* • Knowledge of information risk concepts and practices required • Knowledge of controls manifestation in large global corporations with regional and local presence is required • Experience of working across business units and geographical boundaries to engage IT, business and team members is required • Experience communicating conceptual and technical information. • Experience translating technical data into business impact information. • Ability to investigate, question and interpret internal and external security environments is required *Technical Skills:* • Knowledge of Frameworks, including PCI, SOX and ISO 2700x is a plus • Detailed knowledge of ITGRC, Auditing principles / practices is desired • Good understanding of Vendor management desired • Good understanding of security frameworks desired • Good project management skills desired • Experience with some networking and security technologies such as IPSEC (Internet Security Protocol), VPN (Virtual Private Network), routers, switches, firewalls, intrusion detection and prevention, data leakage, WAF (Web Application Firewall). • Experience in examining reports on security controls (SSAE-16, PCI-ROC, Application Security Assessments) Thanks & Regards Smith, Sr. Technical Recruiter Infotree Service Inc. 215 Ann Arbor Rd. Suite 304 Plymouth, MI 48170 734-446-7070 Fax- 734-345-4247 sm...@infotreeservice.com -- You received this message because you are subscribed to the Google Groups "it req" group. To unsubscribe from this group and stop receiving emails from it, send an email to it-req+unsubscr...@googlegroups.com. To post to this group, send email to it-req@googlegroups.com. Visit this group at https://groups.google.com/group/it-req. For more options, visit https://groups.google.com/d/optout.