Analyst I, Vendor Security Oversight
Resurgent Capital Services · Greenville, SC · 1 mo ago
Information TechnologyFull-time
Roles & Responsibilities
- Conduct information security due diligence assessments for Resurgent’s vendors.
- Execute assessments in an efficient, timely, and professional manner.
- Independently assess new and existing vendors to ensure processes are efficient, accurate, and aligned with relevant security standards.
- Conduct staff interviews, review documentation, develop observations, and communicate findings to management and vendors through well-written reports.
- Manage follow-up on open risk issues and facilitate agreements with business process owners to ensure the timely closure of action plans.
- Perform other external assessment-related duties as assigned or as business needs require.
Skills & Qualifications
- One to three years of experience with IT/Security internal controls, specifically related to infrastructure, applications, operating systems, and/or database security, is preferred.
- Experience and/or knowledge of IT regulatory requirements and frameworks, including COSO, GLBA, PCI DSS, NIST, CIS, and ISO 27000, is preferred.
- Strong professional presence with the ability to represent the organization effectively.
- Experience with GRC and/or TPRM platforms, such as ProcessUnity, Archer, or ServiceNow, is a plus.
- The ideal candidate will have broad experience across multiple areas of IT.
- Excellent verbal and written communication skills are required.
- Ability to interact effectively with personnel at all levels of the organization.
- Strong analytical, organizational, and problem-solving skills.
- Exceptional attention to detail.
- Able to prioritize and manage multiple projects simultaneously.
- Able to apply sound judgment and analytical skills to interpret information, identify potential process breakdowns, and assess their impact.
- Punctual, dependable, and accountable.
- Ability to work in a high-volume, deadline-driven environment while ensuring compliance with all internal policies and procedures.
- Proficiency in a Windows environment, with working knowledge of Microsoft Office products; SQL experience is a plus.
- Self-motivated, with the ability to work successfully both independently and within a team environment.
- Travel is required up to 25%, domestic only.
- CISA, GSNA, CTPRA, or CTPRP certifications are preferred.
- Candidates with other recognized industry certifications, such as CompTIA A+, Network+, or Security+, are also encouraged to apply.