Cyber Security Risk Assessment Consultant

Title: Cyber Security Risk Assessment Consultant Location: Louisville, KY(Remote) Type: Contract Description • This role will conduct cyber security risk assessment and treatment on Third Parties for third party cyber risks. The role will be responsible for evaluating vendor responses, supporting documentation and evidence, reporting, and presenting the review for closure. • The work assignments are varied and frequently require interpretation and independent determination of the appropriate courses of action. Job Description • The role will be required to understand the department, segment, and organizational strategy and operating objectives, including their linkages to related areas. Makes decisions regarding own work methods, occasionally in ambiguous situations, and requires minimal direction and receives guidance where needed. Follows established guidelines/procedures. • The role will be responsible for, but not limited to, the following tasks: • Conduct cyber security risk treatment for Third Parties to client or its subsidiaries. • Provide recommendations to reduce vendor risk and follow-up to ensure remediation plans are timely, effective, and appropriately implemented • Report engagement status and results, both verbally and in writing, to management • Review and analyze technologies, processes, documentation, and data to identify any gaps in the effectiveness of TPM cybersecurity controls and operations • Presenting information, updates, results, etc. to associates and leaders • AI risk remediation will be a key focus Required Qualifications • Bachelor's Degree in Business, Information Technology, or a related field • Proficient understanding of and experience with audit, regulatory requirements, and standards (SOC2, ISO, HITRUST), and other related standards and certification processes required • A minimum of 3 years' experience in IT audit, compliance, and/or IT security • Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances • Excellent communication skills with the ability to influence others • Analytical and problem-solving skills • Must be passionate about contributing to an organization focused on continuously improving consumer experiences Preferred Qualifications • Knowledge of key compliance and IT frameworks such as: SSAE16 SOC2, HITRUST, SOX, etc. • Healthcare experience a plus but not required • Additional Industry Certifications: CISA, CISSP, HCISPP, CCSP, CISM, CTPRP, etc. Apply tot his job