Infosec - Third Party Risk Assessment at Whatfix

See all the jobs at Whatfix here: http://whatfix101.recruiterbox.com/jobs

Infosec - Third Party Risk Assessment

Bengaluru, Karnataka, India | Information Security | Full-time

Apply by: No close date

Title: Vendor Risk specialist
Department: Information Security
Reports to: Compliance Lead

Whatfix is the #1 Digital Adoption Platform (DAP) for Enterprises. We are disrupting the way Learning, Training and Application Support content is consumed. We provide large enterprises (Mostly Fortune 500 companies) with a SaaS platform that helps accelerate product adoption and reduce support & training efforts by providing contextual and step by step guidance inside any web application at the exact time a task is being performed. The product has redefined the way companies onboard, train, and provide support to users.

What sets us apart from the rest?
With over 100 of the Fortune 500 companies already onboard as customers, Whatfix has been named among the top 20 B2B tech companies.
With a YoY growth of 300%, we have also been recognized among the top 50 fastest growing SaaS companies worldwide in the SaaS 1000 list and as a Market Leader by Gartner in the Digital Adoption space.
We are pleased to have an Employee rating of 4.6 on Glassdoor and our Customer obsession can be clearly seen in our reviews on platforms like G2 Crowd & Gartner Peer Insights.
The employees are happy, the customers are happy, but what about the investors? Take a look for yourself - Sequoia Capital || Stellaris || Cisco Investments || Eight Roads || Helion Ventures

Performing Vendor Security due diligence, risk assessments, Vendor risk tracking and Coordinate with the Business owners in Risk remediation associated with the vendors.
Provide guidance to the business to ensure requirements of VRM are fully understood.
Establish a baseline of vendor risk, identify areas of potential exposure, develop and align vendor risk management strategies with Organisation’s goals and objectives, and execute programs ensuring consistency.
Support the design and implementation of a common and consistent vendor risk management (VRM) program to effectively manage vendor risk in accordance with internal policy and applicable Regulatory requirements.
Maintain a structured internal governance framework, to ensure effective oversight of vendor risk and procurement compliance.
Help ensure strong oversight of all vendors' risks and provide business partners visibility of existing and emerging risks.
Present reporting of high risk vendor contracts and procurement high risks / ineffective controls and highlight vendor risks and the action planned to address inadequate controls to executive management.
Lead assessment of vendor risk via pre-contract due diligence, develop mitigation plan and partner with internal stakeholders to monitor vendors.
Prepare and complete annual risk assessments and assist with internal stakeholders as required.
Partner with Business Units & internal support functions to help ensure that all risk assessment and mitigation requirements have been met; risk is monitored & mitigated throughout testing/ development/ implementation and use.
Support Vendor selection and contracting on major sourcing efforts and reassess the risks associated with a vendor relationship prior to the renewal of contract agreements.
Collaborate with the business to develop disaster recovery and business continuity plans for high risk high exposure vendor relationships
Identify and communicate departmental vendor risk issues and compliance problems.
Work with Business Owners, SME to monitor and close all action items from risk assessment findings.
Provide & maintain vendor risk reporting mechanisms, and track and report outcomes from vendor management activities.
Collect, organize, and distribute reports & documents & recommend enhancements to reporting & audit tools
Analyze, update, and modify procedures and processes to identify and continuously implement vendor risk management process improvements.
Stay informed about the latest developments in the vendor risk management field.
Support development and execution of a robust communication and training plan to facilitate the effective application and awareness of VRM.

Skills and Experience Required:
● Education: Bachelor's degree required; any certifications on risk management will be an added advantage
● Experience: Minimum 2-5 years experience in vendor risk management
● Experience in Information Security, Audit, Risk Management & Compliance/Vendor Assessments
● Proven experience in Risk Assessment Program. Methodologies, Frameworks and Controls to contain exposure due to Risks
● Ability to independently handle projects and interact with vendors and internal stakeholders
● High energy individual with ability to deal with ambiguity
● Superior analytical and communication skills
● Knowledge/Work experience on any Vendor Risk Management tool
● Good command of written and verbal business English

Apply by: No close date

See all the jobs at Whatfix here: http://whatfix101.recruiterbox.com/jobs

Apply for this opening at ?apply=true

See all the jobs at Whatfix here: http://whatfix101.recruiterbox.com/jobs

Application Form