Security Analyst/ IT Auditor

We are hiring a Security Analyst/ IT Auditor for one of our clients. Details mentioned below :

Job overview and responsibility

Working Time: Monday - Friday, 8:00 AM - 5:30 PM (Flexible depending on each project)

About the project: We have a US client and they are seeking a Cybersecurity Analyst/IT auditor with a focus on vendor risk management to join our team. In this role, you will be responsible for assessing the security posture of third- party vendors to protect our organization/customers. You will work across a multi-tiered assessment program, using your analytical and communication skills to identify and document potential risks.

Vendor Risk Assessment:

- Conduct tiered assessments of vendors, ranging from a basic analysis to more complex evaluations (most of the focus will be on Tier 3 and Tier 2) - see below:

Analyze vendor reports and publicly available information to identify security red flags and potential vulnerabilities.

Review vendor-provided documentation, including Privacy Impact Assessments.

Documentation and Reporting:

- Summarize assessment findings and create comprehensive risk summaries in the customer-approved format(s).

- Ensure all documentation is accurate, well-structured, and free of grammatical or spelling errors.

- Maintain effective written communication with internal teams. Vendor communication will be handled by the customer.

Customer will interact with the Vendor(s):

- Distribute and collect required documents, methodologies, and other materials to the customer so that the customer can communicate with vendors for assessment purposes. Compliance and

Security Oversight:

- Adhere strictly to Customers security protocols, ensuring no data is extracted or exfiltrated without explicit approval.

- Identify and report on inappropriate security activities within other customer business units.

Required skills and experiences

- Proven background in cybersecurity/it auditor, specifically in vendor risk management or third-party risk assessments (at least 3 years of experience) - Strong analytical skills with the ability to review complex information and identify security risks. - Excellent written communication skills, with a high level of proficiency in English. - High attention to detail and a commitment to maintaining strict confidentiality. - Can be able to conduct overlap with our client in US time for 30 minutes/day.

Preferred skills and experiences

- Experience working with US teams before is a plus

Why Candidate should apply this position

- Performance appraisal twice a year.

- Attractive benefits (13th salary, distinguished employee of the quarter and year, seniority award) - 12 days off

- Lunch and parking allowance

- Healthcare and accident insurance

- Annual health check

- Working devices provided: Laptop and screen (If needed)

- Team Building activities in every summer, company trip, big annual year-end party every year, etc

- Fitness & sports activities: football, tennis, table tennis, badminton

- Commitment to community development: charity every quarter, blood donation, public seminars, career orientation talks

- Support for personal loans such as home loans, vehicle loans, tuition fees

Report to

Client (US based)

Interview process

1 round with tech team, 2-3 rounds with clients (online)