Third Party Risk Management Analyst III

---

Job description

Who We Are

Qwinix is a cloud-native consultancy and Google Cloud Partner. Driven by a distinguished engineering core, Qwinix works with clients to modernize their infrastructure, develop powerful digital experiences and processes, and strategically adopt innovative cloud solutions.

We are on a mission to close the gap between next and now. Through great people and great technology, we are able to solve the worlds most pressing problems and build remarkable experiences, processes, and products for our clients.

We pride ourselves on fostering a growth-centric culture through every step of a Qwinix employee's journey. From comprehensive onboarding practices to career development incentives, we strive to help our employees build a brighter tomorrow for themselves and their clients.

The Software Engineer will be working on our customer-facing application development teams in our Denver office. They will be working in an extremely collaborative and fast-paced environment helping to develop applications for our call centers and customers across the country.

Requirements

What You Will Do

High-level job responsibilities with Fortune 250 Client:

Partner with Business Units to identify, analyze and mitigate third party security risk associated with outsourced activities and products.

Provide third party security consultation for new and ongoing third party relationships.

Consult on defining third party security policies and best practices.

Educate and build awareness of third party security requirements.

Improve compliance with security standards and policies across third parties used across the enterprise.

Participate in testing and monitoring of security and privacy controls executed by third parties interacting with client data.

Lead security enhancement projects focused on new or changing third party relationships.

Maintain an inventory of third parties who possess and/or interact with client data, including key risk information about the relationship, data attributes involved, and regulatory compliance.

Support completion of client's information security review process for all new third parties, and annual reviews for all other relationships, that receive and/or interact with client data.

Monitor open third party security issues and remediation actions associated with security control gaps to ensure timely closure.

Continuously work to improve the overall Third Party Risk Management Program.

Who You Are

Competencies:

Project Management

Customer First Mentality

Strong Adaptability

Process Documentation Management

Process Mapping Development

Presentation Skills

Multitasking

General Risk Management Foundation

General Information Security Foundation

Can Interpret Regulations and Compliance Requirements

General Security Control Framework Foundation

Cross-functional Team Leadership

Skills:

Solid working knowledge of information security concepts and controls.

Excellent project management skills, with the ability to work within deadlines, juggle multiple priorities, design project plans, and provide project updates.

Ability to work independently with little direction and/or supervision.

Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.

Keen attention to detail with the ability to correct on the fly and work independently.

Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker.

Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy and/or data security.

Education and Experience:

Bachelor's Degree and at least 3-5 years of directly related experience. Must have a solid understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT Compliance and Privacy regulations.

Experience working in Third Party Risk Management preferred.

Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.

Other Qualifications:

Professional certification (CISA, CSIM, CIA or similar) is highly desired. Candidates who apply will be tested in several areas, including verbal/spelling, math/logic and business problem-solving, and must meet minimum standards to be considered for this position.

Experience working with contract documents is a big plus contract administration and management. Negotiation experience not necessary.

Where You Will be Located

Onsite - Denver, CO

What Action You Need to Take

If you are interested in this role, share your latest resume, or contact us now at

If this job is not aligned with your skill set, but you are looking for a new position, please contact us for a discussion on your next job by visiting us our career page

Alternatively, please feel free to share this job posting with your network and ask us about our referral program..