Job Description

• Review and analysis of supplier security and privacy alignment with corporate standards. This includes analysis of the suppliers' policies, controls, processes, audit attestations, penetration testing outcomes and 3rd party audits.
• Coordinating and performing Supplier Security Reviews
• Performing supplier documentation review, and analysis
• Identifying and measuring the risk associated with vendor security controls
• Documenting and keeping track of findings associated with suppliers and tracking them to resolution
• Writing detailed supplier assessment reports based on completion of risk analysis and triaging

Job requirement

• Bachelor's degree in Computer science or equivalent
• 7+ years of experience in a job role requiring the review and analysis of supplier security and privacy alignment with corporate standards
• Ability to derive context from SSAE18 SOC1 and SOC2 reports, policy documents, architecture diagrams and other control evidence documents
• Good understanding of risk frameworks like ISO and NIST
• Hands-on use of Standardized Information Gathering (SIG) questionnaire and/or other industry standard security questionnaires to perform an initial assessment of vendors, gathering information to determine how security risks are managed
• Solid understanding for cloud security architecture and computing environments
• Ability to multi-task and perform multiple supplier assessment concurrently
• Have excellent analytics skills and experience
• Thorough understanding of data privacy legislation, such as GDPR and other country specific Data Privacy Regulations
• Understand requirements related to HIPAA and PCI-DSS

Cristina Malabuyoc Malijan EA License No. 02C3423 Personnel Registration No. R1111547

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.manpower.com.sg/privacy-policy