Job role- Vendor risk Management
Location- Bangalore
Experience- 4 to 10 years
• Expertise in Risk Management Methodologies and vendor risk management.
• Strong knowledge of IT security functions such as Secure SDLC, Network Security, Server Security, Identity and Access Management, Data Loss Prevention, Cloud Security
Knowledge of or ability to use Healthcare software and systems
• Working experience in GRC
Tools (Archer or KeyLight or MetricsStream)
• Working experience in regulations (HIPAA) and compliance (PCI DSS, HITRUST) requirements
• Working experience in SSAE16/18
Contribute towards management of 3rd party risk assessments life cycle
• Manage the Remote Vendor risk assessments
• Identify, Prioritize, Remediate & Monitor the risks associated with vendors
• Understand and document the criticality of services, Data flows etc
handled by vendors
• Mitigates corporate risk by negotiating improved contract terms and managing the corporate vendor risk management program and policies.
• Ensures guidance and due diligence is applied to the selection and on-going monitoring of key vendors to include appropriate documentation, testing of controls and site visits, in line with regulatory and audit expectations.
• Enforces vendor or partner compliance with negotiated service levels.
• Reports problem escalation and negotiation impasses to management.
• In tandem with Information Technology, maintains an ongoing service and operational level of contact with Core System Vendors and their management.
• Identifies problem, escalates problem to Core System Vendors, tracks and ensures timely resolution.
• Coordinates personnel activities and changes.
• Maintains knowledge of business, products, and systems to ensure effective use of vendor and procurement services
Performs all other miscellaneous responsibilities and duties as assigned.
