Work across multiple Delta portfolios, projects, and technology areas in assessing third party solutions ? Participate in vendor risk management activities including but not limited to third party risk assessments, contract review and termination activities ? Create meaningful reports to effectively communicate and relate security, compliance, and/or governance-related concepts and controls across a variety of audiences including non-technical audiences ? Track identified findings of non-compliance with Delta Information Security Standards to remediation or to an acceptable level of risk
One or more of the following certificates highly desired: CISA, CRISC, CISM, CISSP ? 5+ years of direct work experience performing third-party cyber risk assessments ? Experience/knowledge of SOC reports, ISO certification, PCI report of compliance and other independent attestation report for service providers ? Foundational knowledge of common security control frameworks, e.g., ISO, NIST, CIS Controls ? Demonstrate strong teamwork and interpersonal skills to all levels of organization