This is a new position
Dept: Risk Management (Information Security)
1. Handle intake of outside vendor risk assessments
2. Analyze cases and provide recommendations and assessments
3. Enforce policies, standards, and procedures with vendors
Experience with Information security risk assessments
Some understanding of Information Security Architecture
Tools used by this team: Slack & ServiceNow
· Manage intake of vendor risk assessments, acting as the first point of contact for business representatives and gathering relevant risk information.
· Identify, document and elevate visibility of information risk, where business direction creates potential for exposure to employee, athlete and product sensitive data streams.
· Perform formal risk assessments on partner and vendor connections and ensure the business objectives align with the type and volume of data used in maintaining a “need to know/use” mindset.
· Create a subscription to the information risk assessment process through pro-active partnerships and collaboration with internal business partners.
· Become an advocate of Client Information security procedures, policies, and processes, and standards as a mechanism to enable the business effectively while managing risk appropriately.
· Provide enforcement of security policies, standards and procedures by working cross functionally with Compliance and Governance functions within the Corporate Information Security organization.
· Stay current on information security technologies, trends, standards and best practices
To make it clear, we're not looking for just anyone. We're looking for someone special, someone who had these experiences and clearly demonstrated these skills:
· Knowledge of information security principles and practices, general procedures and guidelines.
· A general understanding of technology use, trends and risks as it applies in a business context and environment.
· Excellent communication skills (written and verbal) as well as comfort and experience in presentation delivery
· Proven persuasion skills
· Proven experience identifying solutions for complex problems in enterprise environments
· Proven analytical and problem solving ability
· The ability to appropriately communicate complex security risks to non-technical staff
· Must be trustworthy in keeping sensitive data confidential
Required qualifications for the position include:
· Bachelor's degree in Business Information Management or Computer Science desired.