Sr. Information Security Analyst
UPS Has A Wide Range Of Roles To Help Your World Work Better.
We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS. We are the United Problem Solvers.
About Information Security at UPS Technology:
Our top-notch Information Security team quickly finds and responds to real time threats. These critical-thinkers have a hunger to keep ahead of new exploits and security trends. They protect the vast trove of valuable data that passes through our servers each day. As a part of UPS InfoSec, you’ll continue to uphold our reputation for integrity in this growing and ever-changing field.
About this role:
The Sr. Information Security Vendor Assurance Analyst conducts vendor security assurance and compliance reviews on select groups of third party vendors. The Analyst will review vendor contracts and security agreements to understand the vendors security assurance commitment to the company. Following the contract review, the Analyst will prepare and initiate a vendor audit facilitated by electronic survey's and questionnaire assessments, interviews and security reviews. He/She will:
- Identify Vendor key points of contact, establish communication channel.
- Initiative audit overview meetings and schedule audit.
- Manage audit time line for questionnaire, interview, evidence verification, and on-site audit phases.
- Contributes to the development of the information security requirements of vendor and customer contracts to ensure UPS's information assets are protected, and all terms follow UPS standards and compliance obligations.
- Ensure all vendor controls meet company standards for confidentiality, integrity, availability and defense in depth security principles.
- Provide immediate security control remediation response in all cases where vendors are found to be deficient or non-compliant.
- Experience gathering information from a range of different sources, developing and creating search queries.
- Automating searches and querying, tuning large data sets. Experience in using Shared Assessments Program Tools and/or questionnaire based vendor auditing tools.
- Experience using GRC tools and technologies for audit support and vendor governance management.
- Advanced Experience with Auditing Controls, I.T. Auditing fundamentals, Vendor Cybersecurity Analysis & Documentation.
- Candidate must have excellent organization skills and be a self-motivated learned.
- Bachelor's degree in Information Technology, Information Security, Computer Science, Auditing or equivalent.
- CISA, CRISC, CISM, or CISSP certifications preferred.
- Demonstrated advanced verbal and written communication skills.
- Excellent organization skills and be a self-motivated learned.
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.
UPS is an equal opportunity employer – race/color/religion/sex/national origin/veteran/disability/sexual orientation/gender identity
Logistics, Distribution, Freight, International Trade Management, Express Package Pickup, Delivery & Tracking Data
Company Type: Public Company
Company Size: 10,001+