Role: IT security assessment JD as follows.
Location Resource quantity Start Date Qualification and Experience JD US : San Ramon, San Jose 2 resources onsite 11 August *Must hold atleast one of the following certifications CISA,CISSP, SANS, * *Must have atleast 4-5 years of auditing experience* Participate in IT security assessment engagements, including the performance of risk assessments, development of scope, approach, and work programs. Plan, develop and execute all IT risk based audit plans in accordance with Supplier assessment approach and methodology, aligning with global security Standards. Perform security assessments of external vendors and service providers and report findings to management. Participate in security assessment /audit interviews, document processes and controls. Execute security assessment procedures/tests. Assist with the preparation of assessment reports and other deliverables. Perform audit observation follow-up procedures. Identify, evaluate and report on supplier information security risks Assess the current security program, including policies, procedures, and organization and make recommendations for improvement. Identify security risks and recommend mitigating controls. Maintain and track multiple third parties Perform infrastructure and application security assessments using automated tools like Nessus, Algosec, CIS security. Experience on Archer vendor management tool Discuss assessment issues with management and develop IT recommendations to strengthen security controls Travel domestically and internationally as needed Candidates with Archer GRC , SOX, PCI security assessment will be preferred Maintain current knowledge of matters impacting IT, the industry, audit, and Company. .Stay abreast of existing and emerging IT risks via news, meetings with management and continuing education. • Document and maintain the IT risk assessment. Identify areas of significant IT risk and develop a short and long term IT audit strategy and risk based audit plan to meet the needs of CHS now and in the future. •Building and maintaining key relationships with stakeholders, establishing a culture of engagement while adding value *Regards,* *Karan Tyagi,* *United Software Group Inc. * * 565 Metro Place S. Suite # 110* *Dublin, OH 43017 * *Phone: 614-588-8589* *Fax: 1-866-764-1148* *kara...@usgrpinc.com <jainen...@usgrpinc.com>* *www.usgrpinc.com <http://www.usgrpinc.com/>* *Skype: karan_usg* -- You received this message because you are subscribed to the Google Groups "MCMS" group. To unsubscribe from this group and stop receiving emails from it, send an email to mcms+unsubscr...@googlegroups.com. To post to this group, send email to mcms@googlegroups.com. Visit this group at http://groups.google.com/group/mcms. For more options, visit https://groups.google.com/d/optout.