Chicago, IL, 60684, USA
4 days ago
Third Party Risk Assessor
We are searching for a Third Party Risk Assessor for a banking client. This job is responsible for performing information security reviews of third parties that provide services to the bank. This includes pre-assessment, assessment, and/or remediation activities. Key responsibilities include validating assessment scope, partnering with enterprise vendor managers and third parties to prepare them for the assessment, collecting and reviewing documentation during the assessment, determining if information security controls are in place, and completing assessment workpapers. These roles execute information security assessments of high-risk third parties who store, access or transmit confidential BAC data to determine if they meet BAC information security requirements.

Job Duties:
+ Assessors examine a third party's program to determine if it meets BAC requirements, identifying control gaps that may expose BAC to risk.
+ Manage and maintain compliance risk findings/gap documentation to communicate to leaders the appropriate risk as a result of the assessment.
+ Opportunities to be involved in projects to improve processes & transform the assessment program. The opportunities will enable you to leverage and grow your leadership skills as you'll be exposed to various internal stakeholders and industry partners.
+ Must be able to travel up to 50% (i.e. every other week 3-4 days a week).
+ The ability to interact with internal or external stakeholders including business partners and/or external parties to identify, analyze, and resolve complex problems or security gaps.
+ The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment.
+ The ability to assess the security, effectiveness, and practicality of technology systems.

Technical skills include the domains of information security and business continuity including:
+ Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.)
+ IT Compliance, SOX Compliance
+ Change Management
+ Enterprise Risk Management
+ Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards

Qualifications:
+ IT Security certifications are preferred (TOGAF, CSSLP, SCRUM Master, SAFe Architect, Network Security, PCNSE, Wireless, IAM/ADM, Cloud etc.)
+ 5-10 years of security experience across multiple technical disciplines: API Management, Cloud Security Architecture, Identity Management/Multi-factor/Directory Services, Routers/switches, Firewalls/VPN client, VPN tunnels, Endpoint Security Tools, Operating System Best Practices, Cloud Management Gateway, Patching, Mobility, or Device Management (MDM).
+ Ability to research new solutions to document best practices to ensure they are implemented and documented as part of the IT Security Reference Architecture.
+ Experience with Visio and/or similar architectural design systems.
+ Advanced proficiency in authentication, authorization, and security policies.
+ Advanced understanding of the practical ways to apply security standard methodologies in new situations.
+ Advanced understanding of Cloud best practices on leveraging the capabilities to secure by design.
+ Intermediate knowledge of cloud security products as part of a cloud strategy.
+ Intermediate knowledge of on-prem and cloud Directory Services, SSO, SAML, and MFA.
+ Intermediate knowledge of network switches, routers, firewalls, DMVPN, S2S IPSEC VPN, and HTTPS client VPN.
+ Basic awareness of SASE solutions to provide least privilege/RBAC access.
+ Basic knowledge of OT systems as they pertain to IEC 62443 for ICS Security.
+ Takes ownership of actions and follows through on commitments by holding others accountable and standing up for what's right.
+ Delivers positive results through realistic planning to accomplish goals.
+ Builds effective solutions based on available information and makes timely decisions that are safe and ethical.
+ Documentation skills through both whitepapers and architectural diagrams to present the pros and cons and risk evaluation.

Nice to Haves:
+ Compliance
+ Information security
+ Audit
+ PCI
+ Security policy

Pay and Benefits

The pay range for this position is $55.00 - $65.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)

Workplace Type

This is a fully onsite position in Chicago, IL.

Application Deadline

This position is anticipated to close on Feb 28, 2025.

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.