The Supplier Risk and Scope Analyst (closed)
The Supplier Risk and Scope Analyst is accountable for completing initial information security risk and scope reviews for suppliers to determine the inherent risk of a supplier with respect to that supplier’s access to Personally Identifiable Information. This review is completed using an established process developed by Information Security. ____________________________________________________________________________
• Coordinate with line of business supplier managers to complete the risk and scope questionnaire and assessment tool.
• Obtain supplier manager’s agreement on the risk and scope.
• Document the results of each risk and scope discussion and conclusion.
• Alert management to issues such as: non-responsive supplier manager, conflicting conclusions, etc
• Complete other duties as assigned.
KNOWLEDGE AND SKILLS:
§ Working knowledge of Information Security risk and IS best practices – 2-3 years of relevant experience
§ General understanding of a risk based assessment approach.
§ Good consulting skills
§ Advanced analytic skills
§ Highly developed communication skills, both verbal and written
§ Demonstrate strong relationship management skills
§ Advanced problem solving skills
§ Solid negotiation/ mediation skills
§ Good Project Management skills
§ Excellent time management skills