IT Operations Specialist I - 3RD Party Risk Review

About The Position

Requirements

• Accredited four (4) year degree or global equivalent in applicable field of study and five (5) years of work-related experience or a combination of education and directly related experience equal to nine (9) years if non-degreed; some locations may have additional or different qualifications in order to comply with local requirements
• Ability to communicate effectively with audiences that include but are not limited to management, coworkers, clients, vendors, contractors, and visitors
• Job related technical knowledge necessary to complete the job
• Ability to learn and apply knowledge of applicable local, state/province, and federal/national statutes and guidelines
• Ability to attend to detail and work in a time-conscious and time-effective manner

Nice To Haves

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Relevant industry certifications such as CISSP, CISM, or similar
• Proven experience (5 years) as an IT Security Analyst or similar role, with a focus on application security, Azure Active Directory, conditional access policies, and single sign-on (SSO) configurations
• Ability to effectively adapt to rapidly changing technology and apply it to business needs
• Demonstrated strong technical and non-technical communication skills, both oral and written
• Strong team-oriented interpersonal skills
• Strong understanding of software development processes and the ability to identify security issues in code and design
• Familiarity with OWASP Top Ten vulnerabilities and ability to assess and mitigate associated risks
• Proficiency in scripting or programming languages (e.g., Python, JavaScript, Java) is a plus
• Excellent communication skills to convey complex technical concepts to non-technical stakeholders
• Strong problem-solving skills
• Strong organizational skills and attention to detail, especially concerning note taking when evaluating applications and attending meetings
• Organize and prioritize a variety of projects and multiple tasks in an effective and timely manner, set priorities, and meet deadlines

Responsibilities

• Conduct thorough risk assessments of new and existing applications, identifying potential vulnerabilities and security gaps
• Analyze and interpret security assessment findings, and provide actionable recommendations to mitigate identified risks
• Collaborate with software development teams to implement security best practices and ensure secure coding standards are followed
• Stay up-to-date with the latest threats, vulnerabilities, industry trends, and integrate this knowledge into the risk assessment process
• Participate in security reviews to evaluate and validate the effectiveness of security controls
• Provide technical expertise and guidance to support incident response efforts related to application security incidents
• Review and validate contracts, Statements of Work (SOW), and Data Processing Agreements (DPAs)
• Develop and maintain DLP policy standards, reusable templates, naming conventions, and engineering runbooks
• Partner with Legal, Privacy, HR, Compliance, and Security teams to translate requirements into actionable DLP controls, evidence collection, and defensible audit artifacts.
• Other duties as assigned

Benefits

• medical, dental and vision plans
• EAP
• disability coverage
• life insurance
• AD&D
• voluntary benefit plans
• 401(k) with a company match
• paid time off (personal, bereavement, sick, holidays) for salaried employees
• paid sick leave per state requirement for craft employees
• parental leave
• training and development courses