"Alerted.org

Job Description

A large law firm is actively seeking an IT Risk & Compliance Third Party Engineer to join our IT Security & Risk Management team for our Washington, D.C. office. This role, under the guidance of the Director of Information Security Governance, Risk & Compliance is responsible for day-to-day governance risk and compliance processes also, this position focuses on third-party compliance and risk assessment. This individual will work closely with other IT engineering teams to help enhance the risk posture of the firm. Responsibilities include the below:

-Conduct regular audits and assessments of third-party vendors to evaluate compliance with the organizations policies and regulatory requirements

-As part of the Third-Party Risk Management (TPRM) team, ability to focus on engineering continuous improvement efforts in the Third-Party risk assessment process

-Work with TPRM teams to schedule and execute a variety of activities related to third party risk assessment

-As a Third-Party Risk Engineer, ability to support the implementation of the Third-Party Management Policy, risk remediation and risk scoring

-Review, measure, monitor and report on the state of key risk metrics and compliance gaps across the WSGR

-Evaluate, quantify, and communicate risk across the internal technical and procedural controls

-Improve risk monitoring and observability through log analysis, dashboard creation, and automated alerts and response

-Track and monitor IT remediation and risk treatment plans

-Assist in implementing and enforcing audit, governance, and risk frameworks across the organization

-Perform deep-dive analysis of cybersecurity issues using data from various threat management and provide recommendations and remediation

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf) .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Skills and Requirements

-Bachelors Degree required in Computer Science, Information Technology, or related field of study desired

-ServiceNow certifications required

-3+ years of ServiceNow experience

-4+ years of relevant experience in risk and compliance or security

-Knowledge of Governance Risk & Compliance (GRC) tools is highly desired

-Knowledge of the NIST Cybersecurity Framework (CSF) and NIST 800-53

-Strong analytical, problem- solving, multitasking and time management skills and ability to follow through on issues to resolution

-Excellent technical writing and verbal communication skills

-Ability to work independently and to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices -Law firm or professional service background null

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].