UPS Information Security Analyst in Mahwah, New Jersey

Information Security Vendor Assurance Analyst

We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS. We are the United Problem Solvers.

About Information Security at UPS Technology:

Our top-notch Information Security team quickly finds and responds to real time threats. These critical-thinkers have a hunger to keep ahead of new exploits and security trends. As a part of UPS InfoSec, you’ll continue to uphold our reputation for integrity in this growing and ever-changing field.

About this role:

The Information Security Vendor Assurance Analyst conducts vendor security assurance and compliance reviews on select groups of third party vendors. The Analyst will review vendor contracts and security agreements to understand the vendors security assurance commitment to the company. Following the contract review, the Analyst will prepare and initiate a vendor audit facilitated by electronic survey's and questionnaire assessments, interviews and security reviews. He/She will be responsible for:

  • Identify Vendor key points of contact, establish communication channel

  • Initiative audit overview meetings and schedule audit

  • Managing audit time line for questionnaire, interview, evidence verification, and on-site audit phases

  • Contribute to the development of the information security requirements of vendor and customer contracts to ensure UPS's information assets are protected, and all terms follow UPS standards and compliance obligations

  • Ensuring all vendor controls meet company standards for confidentiality, integrity, availability and defense in depth security principles

  • Provide immediate security control remediation response in all cases where vendors are found to be deficient or non-compliant

Minimum Qualifications:

  • Experience gathering information from a range of different sources, developing and creating search queries

  • Experience using GRC/IRM tools or similar technologies for audit support and vendor governance management

  • Experience with auditing controls, I.T. auditing fundamentals, vendor cybersecurity controls analysis and documentation

  • Candidate must have good organization skills and be a self-motivated learner

  • Advanced communication skills

Preferred Qualifications:

  • Bachelor's degree in Information Technology, Information Security, Computer Science, Auditing or equivalent

  • CISA, CRISC, CISM, or CISSP certifications preferred

This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.

UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law

Company: UNITED PARCEL SERVICE

Category: Technology, Information Systems, Information Management & Security, IT - Information & Security, Information Solutions

Requisition Number: 184410

Location: Mahwah,New Jersey