Santa Clara, CA - Onsite
Job Description
We are looking for a mid-level software/application security professional. The ideal person should have background/experience in building programs for secure software development. Experience with performing threat modeling, security assessments, security testing and penetration testing is preferred.
- Demonstrate strong knowledge in IT controls, risk assessments, and testing of security measures
- Identify opportunities to continuously innovate and improve the program and value delivered to organization
- Ensure successful completion of the annual supplier cybersecurity assessment.
- Perform on-site control validation to ensure the highest impact suppliers have the proper cybersecurity controls in place.
- Independently and proactively plans and performs assigned audit engagements related to security, confidentiality, integrity, information protection and availability of data
- Conduct audit & evaluate in alignment to the supply cyber security control framework.
- Ensure effectiveness of approved controls and drive risk remediations or changes from previous audit for existing certified suppliers
- Inform and advise business leaders on supplier’s information security risks
- Provide subject matter expertise in third-party risk management.
- Post audit assessment reports and update stakeholders on findings