Information Security

About HireRight:Overview:This role is based in Mexico as an Information Security- Third Party Risk Management Analyst (SECGRC), reporting to the InfoSec TPRM Lead Analyst on the Governance Risk & Compliance (GRC) Team. This person will assist in the management and reporting of all aspects of vendor/ Third Party Risk Management (TPRM) operational monitoring to ensure that the organization’s Information Security standards are identified, well documented, and remediation plans formalized in a timely fashion.**Responsibilities**:- Ability to conduct comprehensive risk assessments of external vendors- Distribute and assess vendor security audits and questionnaires regularly- Monitor the ongoing activities and performance of third parties to identify emerging risks or changes to risk profiles- Build on the automation process for third-party risk- Responsible for security research and to determine areas of vendor risk- Partner with internal stakeholders across all business groups to support GRC-related initiatives and communicate back to stakeholders about vendor management.- Work closely with the security team and partners to ensure that the information security program adheres to industry, government, and organizational standards.- Schedule and perform risk assessments using a defined methodology to identify, document, and communicate control deficiencies in business processes and technology systems or offices.Qualifications:**Education**:- High School diploma or GED required;- Bachelor’s degree in applicable field preferred but not required; Combination of adequate education and work experience considered as an alternate.**Experience**:- Prior experience conducting internal and external risk assessments and providing guidance to functional teams with the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and / or remediation items- Experience with managing TPRM issue remediations in a confidential and sensitive manner- High degree of independence and exceptional work ethic within a small team with a solution-oriented mindset- Familiarity with IT and Information Security best practices- preference to those with experience working with TPRM automation tools.- 1-3 years of relevant experience is required.Knowledge & Skills:- Frameworks, Regulations, and Security Control sets: NIST Cybersecurity Framework (CSF), ISO27001, NIST 800-53, GDPR)- Knowledge of Enterprise Risk Management software (i.e., AuditBoard, ServiceNow, Archer, etc.)- Security and Privacy controls validation experience preferred- General IT knowledge (architecture, networking, operations)- Ability to synthesize complex data, produce appropriate outcomes, and convey information designed for relevant audiences- Stakeholder and executive audience engagement and communication- Worked with common business processes and cross-departmental projects- Working familiarity with BCP/DR programs, Privacy, and Physical Security evidence- Exceptional interpersonal, written, and oral communication skills- Certifications or other specialized training such as, Security+, CCSK, GSEC, CIPP/X.- ** Preferred**: ISO27001/LI and/or ISO27001/LA and ISO27701What do we offer:Work wherever The location of this role is flexible, of course you will get a fair financial compensation and from day one you will receive a training plan to get you on board quickly. In addition, you will have the opportunity to join our team of 3,000+ Team Members that work in 15 countries, serving clients in 200+ countries and territories. Many of our Team Members have been with HireRight for a long time. But that’s not all, you will get additional benefits like:- Christmas Bonus- Additional Holidays: Holy Thursday & Friday, Mother’s Day, Day of the Dead and Virgin of Guadalupe.- Food Voucher + Meal Bonus- Generous Vacation Program- Monthly Transportation Allowance / Payment of Teleworking Expenses- Insurance for major medical expenses- Business Casual Attire- Generous Referral Program- Professional Growth**HireRight, LLC is an Equal Opportunity Employer****Minorities / Females / Veterans / Disabilities**LI-REMOTE