About Randstad

Randstad is the world’s largest talent company and a partner of choice to clients. We are committed to providing equitable opportunities to people from all backgrounds and help them remain relevant in the rapidly changing world of work. We have a deep understanding of the labor market and help our clients to create the high-quality, diverse and agile workforces they need to succeed. Our 46,000 employees around the world make a positive impact on society by helping people to realize their true potential throughout their working life.

Randstad was founded in 1960 and is headquartered in Diemen, the Netherlands. In 2022, in our 39 markets, we helped more than 2 million people find a job that feels good and advised over 230,000 clients on their talent needs. We generated revenue of €27.6 billion. Randstad N.V. is listed on the NYSE Euronext (symbol: RAND.AS). For more information, see www.randstad.com.

Vendor Compliance Security Risk Analyst

Location: Atlanta, Georgia US

Notice

This position is no longer open.

Job Number: 27635

Workplace Type: On-site

Employment Type: Full Time Associate

Position Title: Inform Security Risk Analyst

External Description:

The Vendor Compliance Security Risk Analyst will be responsible for administering and helping to mature Randstad’s third party supplier/vendor security risk management capabilities as a member of Randstad’s Enterprise Risk and Security Team. The responsibilities will include:

  • Evaluating third party suppliers’/vendors’ data protection and security risk management capabilities and practices by conducting security and data protection risk assessments of third party suppliers/vendors and leading the interactions with suppliers/vendors to obtain risk treatment decisions and appropriate risk mitigation solutions.
  • Articulating and transposing risk assessment results into clearly understandable business impacts and socializing these terms to assist business and IT stakeholders in evaluating and determining if proposed risk treatment options are appropriate.
  • Effectively communicating risks to internal business sponsors, suppliers, and other internal business and IT stakeholders to ensure business relationships being considered with suppliers do not negatively impact the company’s best interest or ability to meet regulatory or contractual data protection and information security obligations.
  • Working with suppliers and internal business sponsors to address security risk concerns and gap remediation in a timely manner.
  • Providing risk-based guidance to internal business sponsors and supplier/vendor representatives to ensure their full understanding, acceptance, and commitment to remediate risks identified during risk assessments to acceptable levels.
  • Providing risk assessment results input to the corporate procurement and contract compliance teams to assist in the negotiation of supplier contracts, with regard to data protection, IT and information security requirements.
  • Assisting the Director, Enterprise Risk and Security to develop third party risk reporting metrics to demonstrate volume, risk levels, and risk trending of all third party supplier security risk assessment activities.
  • Making recommendations and implementing changes to mature and increase the effectiveness of the supplier/vendor security risk management program.

What we’re looking for...

Required:

  • Bachelor’s degree in Information Systems or IT related field or equivalent work experience
  • 5 – 7 years of relevant work experience in IT/Information Security Risk Management
  • 5+ years of experience conducting third party supplier/vendor due diligence and vendor security assessments
  • Demonstrated understanding of data privacy, IT and cyber security risk management concepts, assessment methodologies, and emerging technologies
  • Demonstrated experience utilizing automated and manual risk assessment tools and templates
  • Demonstrated experience and strong familiarity with conducting Technical Risk Assessments
  • Relationship focused and demonstrated ability to effectively translate and communicate risks to different stakeholder groups within various levels of an organization
  • Effective written documentation and organizational skills
  • Good customer facing business acumen

Preferred:

  • Certifications: CISSP, CISA, CISM or willingness to obtain within 9 months of start date.
  • Demonstrated knowledge of multiple IT and info security risk areas, such as Identity and Access Management, Technical Vulnerability Management, SDLC and Secure Coding principles, and Security Awareness and Training Education
  • Experience with ISO 27001-2, COBIT 5, and other controls frameworks and standards
 
Get to know us and find out "What More Could You Do" at Randstad
 
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.  

Community / Marketing Title: Vendor Compliance Security Risk Analyst
