Responsibilities:

This role is responsible for data analysis, reporting, and automation of third-party data reports within the Specialized Subcategory Cyber Assurance Program (SSCA). Key responsibilities include analyzing and interpreting wide sets of data, developing solutions and program improvements, and automating reporting to help drive efficiency within SSCA. This role will require collaborating with management and stakeholders within the SSCA program, including analysts, program managers, and governance leads within SSCA.

• Review third party data with an information security lens

• Identify root causes and proactively identify risk and thematic trends in the vendor population

• Collaborate with partners in the SSCA program to build action plans to remediate any identified gaps

• Effective communication with stakeholders, both spoken and written

• Collaborate with stakeholders to identify solutions based on data analytics

• Design Dynamic Dashboards and automated reporting with Tableau and Alteryx

Required Qualifications:

• 3+ years as a Third Party Information Security Assessor

• Previous audit, assessment, threat intelligence or OSINT experience

• Previous data analysis experience

• Proactive in Problem Solving

• Process Innovator

• Metrics and reporting experience

• Collaboration skills

• Strong verbal and written communication skills across multiple levels of the organization

• Self-starting, organized, and requiring minimal management oversight

• Previous experience with Tableau

• Ability to work on complex components of large reporting platforms.

Desired Qualifications:

• Python/SQL language proficiency

• Microsoft Office skills including Excel and PowerPoint

• Knowledgeable of various Security Frameworks (NIST, ISO 27001, SOC 2 Type II, PCI, etc.,)

• Proficiency in Alteryx