Senior Security Analyst, Vendor Risk Management
Delta Air Lines, Inc.
Nơi làm việc
Atlanta, GA, USA
Hình thức tuyển dụng
Toàn thời gian
Chi tiết công việc
Senior Security Analyst, Vendor Risk Management
United States, Georgia, Atlanta
Information Technology
22-Feb-2023
Ref #: 19748
LinkedIn Tag: #LI-MW1
How you'll help us Keep Climbing (overview & key responsibilities)
Delta IT is on a journey of transformation. We are changing the way we do business from top to bottom. As leaders with vision within Delta, we strive to build important and innovative solutions and are looking for team members to help us realize our vision.
Delta employees are problem solvers, doers, innovators.
We are proactive.
We are collaborative.
We deliver impact to our customers.
Join us on our transformation journey in becoming a best-in-class IT organization at the world's best airline!
As a member of the IT Risk team within Delta's Information Security Governance, Risk, and Compliance organization, you'll proactively identify, analyze, and remediate information security and technology risks throughout the third-party lifecycle (planning, due diligence, contract adherence, transition, continuous monitoring, and offboarding). You'll also have the opportunity to partner with IT Portfolios (Infrastructure and Reliability, Architecture, Channels Technology), key functional partners (Legal, Privacy, Corporate Audit) and external assessors.
Delta's Information Security Governance, Risk, and Compliance (GRC) team is actively working to implement a controls-focused mindset, shift our approach from a compliance focus to a risk focus, and establish meaningful metrics to truly measure Enterprise Risk and the effectiveness of the Information Security practice. We have the opportunity to drive meaningful change through a well-established, well-respected company leading the aviation industry.
Responsibilities:
- Participate in vendor risk management activities including but not limited to third party risk assessments, gap analysis, contract review, vendor breach and termination activities, and partner with internal stakeholders to monitor vendors.
- Perform data analytics and create meaningful reports to effectively communicate outcomes from vendor management activities and relate security, compliance, and/or governance-related concepts and controls across a variety of audiences including non-technical audiences
- Identify and communicate findings of non-compliance with Delta Information Security Standards and track to remediation or to an acceptable level of risk
- Continuously work to improve the overall Vendor Risk Management Program through identifying opportunities and leading participating in implementation activities
- Provide guidance to the business, Strategic Sourcing and other stakeholders to ensure requirements of VRM are fully understood.
- Serve as the subject matter expert in interpreting requirements and improve awareness of Operational Risks faced by Business from vendor's failure/poor performance
- Stay informed about the latest developments in the vendor risk management field.
- Perform any other job-related instructions, as requested, with reasonable accommodation.
Why You'll Love Delta!
Our culture is rooted in a shared dedication to living our values - Honesty, Integrity, Respect, Perseverance, and Servant Leadership - every day, in everything we do. Exploring a career at Delta gives you a chance to see the world while providing great bene?ts to help you keep climbing along the way:
- Competitive salary, industry-leading pro?t sharing, and 401(k) with generous direct contribution and company match
- Comprehensive health & wellness bene?ts including medical, dental, vision, short/long term disability and life bene?ts
- Domestic and International Flight privileges for employees and eligible family members
- Career development programs are available for your long-term career goals
- Access to subsidized and vetted Backup Care for children, adults, and pets through Care.com
What you need to succeed (minimum qualifications)
- 5 or more years of experience with information technology security programs, audits, controls and/or third-party risk management
- Ability to identify and assess IT security controls against Delta policies and standards and Federal/State Regulatory requirements and identify and communicate gaps
- Exceptional written and verbal communication skills
- Advanced computer skills including Microsoft Office suite and other business-related software programs
- Ability to effectively manage time and productivity with competing priorities in a rapidly changing, fast-paced, interactive, results-based team environment
- Proven analytical / problem solving skills and ability to work with cross-functional teams
- High School diploma, GED or High School Equivalency.
- Embraces diverse people, thinking and styles.
- Consistently makes safety and security, of self and others, the priority.
- Where permitted by applicable law, must have received or be willing to receive the COVID-19 vaccine by date of hire to be considered for U.S.-based job, if not currently employed by Delta Air Lines, Inc.
- Demonstrates that privacy is a priority when handling personal data.
What will give you a competitive edge (preferred qualifications)
- Bachelor's Degree or 5 plus years of relevant experience in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information Security
- Key industry certifications such as CISA, CISM, CISSP, CRISC, etc.
- Knowledge of industry standard frameworks such as NIST Cybersecurity Framework, ISO 27001, NIST 800-30, etc.
- Familiarity with third party information security attestations/certifications such as SOC I/II reports, ISO, PCI-DSS, SOX.
- Comprehensive knowledge of third-party risk concepts, methodologies, governance structures and experience in managing risk and performing vendor risk assessments
- Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics
- Experience across IT domains such as application development, infrastructure, technical support and operations, cloud technologies and/or continuity of business
- Experience with RSA Archer
Delta Air Lines, Inc. is an Equal Employment Opportunity / Affirmative Action employer and provides reasonable accommodation in its application process for qualified individuals with disabilities and disabled veterans. If you are a qualified individual, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings through this site, apply for jobs through Delta's online system, or at any point in the selection process. To request a reasonable accommodation, please click here
