Job Summary

Vendor Risk Management Job in Atlanta, GA

  • Location:
    Atlanta, Georgia
  • Category:
    IT Management
  • Contract Type:
    Contract/Temporary
  • Job reference:
    US_EN_6_33209_59270513

Are you interested in working for the #1 Healthcare company in America?
Are you authorized to work in the U.S. without sponsorship? (We are unable to work C2C; all employees must work W2.) THIS IS A CONTRACT OPPORTUNITY.
 
 
• Remote up to 50%
• Up to 10% travel required
• Preferred: CISA, CISM, QSA, ISA, HITRUST CSF or comparable certification.
 
The Vendor Risk Management (VRM) function provides subject matter expertise, guidance, and assessment services to identify and manage risks associated with third-party service providers. This function ensures that these third-party service providers have controls that are adequately designed, implemented or remediated to meet control requirements and SOX, HIPAA, PCI, and internal policy compliance expectations.
 
The VRM Compliance Consultant is an individual contributor on the VRM team. This role will support implementation of VRM processes and provide consultancy expertise in support of a comprehensive and integrated program that manages vendor risks and monitors the adequacy of vendor controls to sustain vendor compliance. As an augmented professional resource to the VRM team, the Consultant will partner with business and other technology constituencies to address vendor-related risks throughout the vendor lifecycle. This role also collects, analyzes, and reports performance metrics using company software and reporting tools and manages large-scale VRM engagements from planning to completion.
 
Essential Responsibilities
 
• In support of the VRM process, serves as a lead through a series of strategic and tactical activities to deliver on expected VRM results. Performs duties covering the full span of the vendor lifecycle, including but not limited to: data gathering to establish a centralized Vendor Inventory across the enterprise, determining and categorizing vendor service types, conducting vendor service risk profiles for risk rating, assessing the vendor’s control environment for compliance with privacy and security requirements, reporting assessment results and ensuring risk remediation/acceptance, and ongoing monitoring of vendors providing high-risk services to manage potential exposure of data and security breaches.
• Provides consultancy services to business and project teams evaluating new vendor services and/or introducing new technologies.
• Collaborates with team members to continuously improve VRM tools and processes to meet department objectives, applying creative solutions to address issues with people, processes, and technologies.
• Supports development, implementation, and maintenance of vendor risk and compliance documentation and procedures.
• Plans and manages assigned program work streams to their conclusion, providing regular status updates, communicating with key stakeholders and partners, identifying issues and managing them to resolution, and ensuring quality deliverables.
• Collects, analyzes, and reports performance metrics using company software and reporting tools.
• Demonstrates ability to develop executive reports and deliver presentations to executives and leaders.
• Demonstrates knowledge and experience with auditing techniques and remediation strategies, with the ability to clearly document assessment results and conclusions drawn.
• Exhibits ethical behavior and encourages it in others in accordance with the Principles of Responsibility; adheres to organizational policies and guidelines; supports compliance initiatives; maintains confidences; admits mistakes; conducts business with honesty; shows consistency in words and actions; follows through on commitments.
 
JOB QUALIFICATIONS
 
Minimum Qualifications
 
• Minimum four (4) years in an informal leadership role working with business or technical teams.
• Minimum eight (8) years of work experience in IT risk management, compliance, or information security. Additional equivalent work experience may be substituted for the degree requirement.
• Bachelor's Degree in MIS, Information Security, Accounting, Finance, or related field.
 
Preferred Qualifications
 
• Eight (8) years of work experience in a role that required:
o interacting with executive leadership (e.g., Vice President level and above)
o writing IT Risk Management (ITRM) documentation and assessment reports
o implementing IT compliance frameworks or ITRM methodologies
o managing audit and/or compliance projects
o working in a large matrixed organization
o experience in the development and delivery of ITRM metrics and reporting
• Master's Degree in MIS, Information Security, Accounting, Finance, or related field.
• CISSP, CISA, CISM, QSA, ISA or comparable certification.
 
Top Daily Responsibilities:
 
1. In support of the Vendor Risk Management (VRM) process, serves as a lead through a series of strategic and tactical activities to deliver on expected VRM results.
2. Performs duties covering the full span of the vendor lifecycle, including but not limited to: data gathering to establish a centralized Vendor Inventory across the enterprise, determining and categorizing vendor service types, conducting vendor service risk profiles for risk rating, assessing the vendor’s control environment for compliance with privacy and security requirements, reporting assessment results and ensuring risk remediation/acceptance, and ongoing monitoring of vendors providing high-risk services to manage potential exposure of data and security breaches.
3. Provides consultancy services to business and project teams evaluating new vendor services and/or introducing new technologies to environments.
4. Collaborates with team members to continuously improve VRM tools and processes to meet department objectives, applying creative solutions to address issues with people, processes, and technologies.
5. Supports development, implementation, and maintenance of vendor risk and compliance documentation and procedures.
6. Plans and manages assigned program work streams to their conclusion, providing regular status updates, communicating with key stakeholders and partners, identifying issues and managing them to resolution, and ensuring quality deliverables.
7. Collects, analyzes, and reports performance metrics using company software and reporting tools.
 
Skills a Top Candidate Should Have:
 
1. Vendor Management Lifecycle and Risk Management knowledge & experience
2. IT Audit Background - Security and Compliance Controls Assessment
3. Experience with IT audit frameworks (e.g., ISO 27001/2, NIST, COSO, etc.)
4. Experience in working with and presenting to management/leadership
5. BA/BS Degree
 
 
If you feel that you are a great match for this opportunity, please apply directly or feel free to contact Josh at 303-222-2461.
 
"In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire."
 



All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
