Cyber Security Analyst (Thurd-Party Risk)

Title: Cyber Security Analyst (Third-Party Risk)
Location: Owings Mills, MD
Duration: 12 month Contract to Hire
Compensation: $61/hour W2, Conversion Salary $119,000
Work Requirements: US Citizen, GC Holders, or GC EAD

Job Description:
Purpose:
To ensure the organization's data remains protected from inappropriate access, disclosure and/or damage buy assessing, documenting, and socializing risk.
Essential Functions:
60% Assess third party cybersecurity controls, identify gaps, evaluate mitigation strategies / action plans and manage them to closure.
20% Manage and maintain the third party security risk continuous monitoring program and develop metrics for reporting
10% Identify ineffective, inadequate, or absent third-party security controls and quantification of risk to our client
10% Lead risk analyses efforts to ensure consistency in the detailed risk assessment lifecycle inclusive of identification, socialization, mitigation, and closure.
Responsibilities:

• The Third-Party Risk Analyst will be responsible for collaborating with internal and external vendor teams to assess, monitor, and manage risks associated with third-party relationships.
• This role requires a keen eye for detail, strong project management and analytical skills, and the ability to effectively document findings and recommendations.
• Work with business teams to conduct thorough assessments of third-party vendors to identify potential risks to the organization.
• This includes evaluating their security practices, data handling procedures, and regulatory compliance (e.g., HIPAA).
• Prepare detailed risk assessment reports, clearly articulating findings and recommendations.
• Maintain a comprehensive repository of all third-party risk assessments and associated documentation.

Skillset / Experience:
Qualifications:

• Experience: 5 years relevant Information Security experience.
• Education Level: Bachelor's Degree in Computer Science, Cyber Security, Information Technology, or related field. In lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience. Preferred Qualification: Advanced degree

Knowledge, Skills and Abilities (KSAs):

• Ability to manage multiple tasks and deliverables with minimal supervision., Expert
• Ability to explain technical information to technical and nontechnical personnel., Advanced
• Knowledge of cyber security related risk management techniques., Advanced
• Knowledge of network architecture and firewall security., Expert
• Understanding of business needs and commitment to delivering high-quality, prompt, and efficient service., Expert

Licenses/Certifications:
CISSP – Certified Information Systems Security Professional Upon Hire Pref or
CRISC – Certified Risk and Information Systems Controls
CISM – Certified Information Security Manager Upon Hire Pref or
Certified Ethical Hacker (CEH) Upon Hire Pref
 
Our benefits package includes:

• Comprehensive medical benefits

• Competitive pay, 401(k)
• Retirement plan
• …and much more!

 
About INSPYR Solutions:
As a leading information technology partner, we connect top IT talent with our clients to provide innovative business solutions through our IT Staffing, Professional Services, and Infrastructure Solutions divisions. We understand and value the unique needs of highly-skilled information technology professionals in the industry and always strive to stay above the curve. Our company was founded on the following core values: Be the Best, Understand the Urgency, Never Ever Give Up, Have the Courage to Excel, and Make a Contribution. We take pride in our business model and strive to create a positive workplace environment through an exemplary culture.
 
INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.