We are looking for a highly skilled resource proficient in Information Security domain. This is for our Vendor and Client Security team within the Information Security Department. The candidate is expected to perform the following responsibilities:

 

The responsibilities include but are not limited to:

Complete client security questionnaires, answer follow-up questions and participate in client audits at the request of the businessConduct vendor security due diligence assessments to verify a vendor’s information security & privacy capabilities by providing security/privacy risk assessment questionnaires, analyzing responses, and creating final assessment reports Conducting continuous monitoring of our most critical vendors and work with them on remediation of vulnerabilities identifiedComplete client security questionnaires, answer follow-up questions and participate in client audits at the request of the businessPartner with business and other stakeholders to ensure risks are clearly articulated in a manner that is understood by business and technology audiencesWork with the business to track the remediation to close out any vulnerabilities identified by clientsReview contracts and master service agreements as requested to ensure appropriate security language is presentProvide support in the development, implementation and maintenance of the Information Security programParticipation, as required, during internal and external audits related to SOC2, ISO 27001/27701, etc.Familiar with routine content of Information Security policies in order to support annual reviews and updatesPerform general administrative duties as necessary to support Information Security operations

 

Necessary requirements:

Minimum 3-5 years of experience in Information Security related positionsBachelor's degree in a related field from an accredited college or universityGood English written and verbal communication skillsThorough understanding of, and experience with, Information Security program development, maintenance and governanceStrong research skillsAbility to plan and execute with minimal oversightAbility to multi-task and prioritize tasks across a range of projects, adjusting to shifting prioritiesExcellent time management and organization skillsStrong personal integrityDemonstrate commitment to obtaining outstanding resultsWillingness to work various hours to support global business usersPrior working knowledge of the ProcessUnity Vendor Risk Management Tool is a plusPrior working knowledge of the Bitsight cybersecurity ratings practice is a plus

 

About Kroll

 

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answering all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

 

Kroll is the premier global valuation and corporate finance advisor with expertise in complex valuation, disputes and investigations, M&A, restructuring, and compliance and regulatory consulting. Our professionals balance analytical skills, deep market insight and independence to help our clients make sound decisions. As an organization, we think globally—and encourage our people to do the same.

 

Kroll is committed to equal opportunity and diversity, and recruits people based on merit.

 

In order to be considered for a position, you must formally apply via careers.kroll.com

 

#LI-AT1

#LI-Hybrid