Who We Are
Artmac Soft is a technology consulting and service-oriented IT company dedicated to providing innovative technology solutions and services to Customers.
Job Description
Job Title : Third-Party Risk Management (TPRM) Security Lead
Job Type : W2/C2C/1099
Experience : 10-20 Years
Location : Santa Clara, California
We are looking for a Third Party Risk Management (TPRM) Security Lead who will be responsible for collaborating with the Governance, Risk Management, Third Party Risk Management (TPRM), and Compliance programs to ensure our organization's security measures are robust and effective. You will play a key role in developing and implementing a Common Control Framework (CCF), performing security control assessments, and conducting risk assessments.
Responsibilities
- Minimum 3 years of experience working within an Information Security team
- Experience in building dashboards using Tableau and/or Google Looker
- Experience performing security control assessments and working with stakeholders to remediate gaps
- Strong knowledge in developing and implementing a Common Control Framework (CCF)
- Conducting risk assessments of entries in the CyberSecurity Risk Register
- General understanding of information security concepts and practices
- Basic knowledge and understanding of SOC-2, ISO27001, NIST, PCI-DSS, HIPAA, or other standards and frameworks
- Prior work experience with a company in the Technology sector or start-up environment
- Experience with Information Security Audits/Assurance functions
- Exposure to GRC tools (e.g., Archer, OneTrust, ServiceNow)
- Security certifications such as CISA, CISM, CISSP, or equivalent
- Ability to work and build strong relationships with cross-functional stakeholders
- Working knowledge of Google Workspace (Sheets, Docs, Drive, etc.)
- Strong verbal and written communication skills
- Quick learner who enjoys the challenge of analyzing and solving difficult problems
- Ability to multitask and prioritize among competing demands
- Develop and implement a Common Control Framework (CCF)
- Perform security control assessments and work with stakeholders to remediate gaps
- Conduct risk assessments of entries in the CyberSecurity Risk Register
- Provide a generalist approach to information security with a strong understanding of basic security concepts and practices
- Build and maintain dashboards using Tableau and/or Google Looker to support security metrics and reporting
Qualification
- Bachelor's degree or equivalent combination of education and experience
