Analyst I, Vendor Security Oversight

Resurgent Capital Services•Greenville, SC

About The Position

The Vendor Security Oversight Analyst I is responsible for assessing and analyzing the information systems, platforms, operating procedures, and internal controls of vendors that provide services to Resurgent Capital Services to help ensure the protection, confidentiality, and integrity of data that is processed, stored, or shared. This role conducts reviews and makes recommendations to help ensure effective security controls are in place while maintaining adherence to all applicable security standards, procedures, and guidelines. The analyst also prepares reports summarizing assessment observations and shares results with management.

Requirements

One to three years of experience with IT/Security internal controls, specifically related to infrastructure, applications, operating systems, and/or database security, is preferred.
Experience and/or knowledge of IT regulatory requirements and frameworks, including COSO, GLBA, PCI DSS, NIST, CIS, and ISO 27000, is preferred.
Strong professional presence with the ability to represent the organization effectively.
Excellent verbal and written communication skills are required.
Ability to interact effectively with personnel at all levels of the organization.
Strong analytical, organizational, and problem-solving skills.
Exceptional attention to detail.
Ability to prioritize and manage multiple projects simultaneously.
Ability to apply sound judgment and analytical skills to interpret information, identify potential process breakdowns, and assess their impact.
Punctual, dependable, and accountable.
Ability to work in a high-volume, deadline-driven environment while ensuring compliance with all internal policies and procedures.
Proficiency in a Windows environment, with working knowledge of Microsoft Office products; SQL experience is a plus.
Self-motivated, with the ability to work successfully both independently and within a team environment.

Nice To Haves

Experience with GRC and/or TPRM platforms, such as ProcessUnity, Archer, or ServiceNow, is a plus.
CISA, GSNA, CTPRA, or CTPRP certifications are preferred.
Candidates with other recognized industry certifications, such as CompTIA A+, Network+, or Security+, are also encouraged to apply.

Responsibilities

Conduct information security due diligence assessments for Resurgent’s vendors.
Execute assessments in an efficient, timely, and professional manner.
Independently assess new and existing vendors to ensure processes are efficient, accurate, and aligned with relevant security standards.
Conduct staff interviews, review documentation, develop observations, and communicate findings to management and vendors through well-written reports.
Manage follow-up on open risk issues and facilitate agreements with business process owners to ensure the timely closure of action plans.
Perform other external assessment-related duties as assigned or as business needs require.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume