S

Information Security Client & Vendor Risk Manager

Saltu Staffing • United State
Remote
Apply
AI Summary

We are seeking an experienced Information Security Client & Vendor Risk Manager to lead the firm's client and vendor risk management program. The successful candidate will serve as the primary point of contact for information security due diligence, client security assessments, and third-party vendor reviews. The ideal candidate will have 6+ years of experience in Information Security, Vendor Risk, Cybersecurity Compliance, or Governance, Risk & Compliance (GRC).

Key Highlights
Lead the firm's client and vendor security due diligence program
Conduct enterprise-level vendor risk assessments and review security documentation
Partner with internal stakeholders on security requirements, contracts, and risk mitigation
Key Responsibilities
Lead the firm's client and vendor security due diligence program
Conduct enterprise-level vendor risk assessments and review SOC 2, ISO 27001, and other security documentation
Partner with internal stakeholders on security requirements, contracts, and risk mitigation
Support client security audits, RFPs, and compliance reviews
Develop and enhance vendor risk frameworks, workflows, and monitoring processes
Stay current on cybersecurity regulations and emerging industry risks
Mentor junior team members and drive continuous process improvements
Technical Skills Required
Information Security Vendor Risk Cybersecurity Compliance
Benefits & Perks
Fully Remote work arrangement
Nice to Have
Professional certifications such as CISSP, CISM, CISA, CRISC, CTPRA, or ISO 27001 Lead Implementer/Auditor

Job Description


We're partnering with a leading international Am Law firm to identify an experienced Information Security Client & Vendor Risk Manager to join their Information Security team.


This individual will own the firm's client and vendor risk management program, serving as the primary point of contact for information security due diligence, client security assessments, and third-party vendor reviews. You'll work cross-functionally with Information Security, Procurement, Legal, and firm leadership to strengthen the firm's security posture while supporting client and regulatory requirements.


Responsibilities:

  • Lead the firm's client and vendor security due diligence program
  • Conduct enterprise-level vendor risk assessments and review SOC 2, ISO 27001, and other security documentation
  • Partner with internal stakeholders on security requirements, contracts, and risk mitigation
  • Support client security audits, RFPs, and compliance reviews
  • Develop and enhance vendor risk frameworks, workflows, and monitoring processes
  • Stay current on cybersecurity regulations and emerging industry risks
  • Mentor junior team members and drive continuous process improvements


Qualifications:

  • 6+ years of experience in Information Security, Vendor Risk, Cybersecurity Compliance, or Governance, Risk & Compliance (GRC)
  • Strong knowledge of SOC 2, ISO 27001, NIST CSF, HIPAA, GLBA, and privacy regulations
  • Experience leading enterprise vendor risk assessments and client security reviews
  • Excellent communication skills with the ability to present to executive leadership and clients
  • Professional certifications such as CISSP, CISM, CISA, CRISC, CTPRA, or ISO 27001 Lead Implementer/Auditor required


Location: Fully Remote (occasional travel for business or team meetings)


If you're interested in learning more, feel free to apply or send me a message directly.


Similar Jobs

Explore other opportunities that match your interests

Senior .NET Full Stack Developer

Programming
•
2m ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

Bright Vision Technologies

United State

Chief Strategy and Growth Officer

Programming
•
5m ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Executive

cinereach

United State

Senior Full Stack Engineer

Programming
•
12m ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

Rise Technical

United State

Subscribe our newsletter

New Things Will Always Update Regularly