About the Role:
This role plays an integral part in the risk managmeent for our third party vendors. The team will work with our vendors to identify any IT risks gaps associated with their platforms and confirm adherence to the BBVA Compass IT Risk Policy.
This is a great opportunity for anyone in Risk MAnagement with an interest in IT or anyone in IT interested in risk mitigation.
The daily functions would include:
- Perform targeted vendor information security reviews and assessments
- Perform data center site visits when necessary
- Address audit related matters when needed, including oversight, internal facilitation, review and remediation efforts
- When necessary assist in the development of information security policies and standards to align with the policy framework
- When necessary assist with development of technical and process related documentation, including operating procedures, control manuals, business requirement documents
- Participate actively in the risk management process.
- When necessary assist in the development of internal compliance and risk dashboards
- Perform remediation activities for areas of information security non-compliance and monitor implementation progress (as necessary)
- Assist with the routine reporting of compliance initiatives and remediation activities
- Engage with stakeholders cross organizationally to ensure vendor information security issues or inquiries are properly addressed
- Demonstrate entry level knowledge in ISO, COBIT or other information security / IT controls frameworks