The individual will be responsible for assisting the Chief Information Security Office (CISO), which includes the Information Security and Third-Party Risk Management (TPRM) functions, under the direction of the Director Information Security. This position will lead the global Information Security Third Party Risk Management program, as well as, assist in maintaining the enterprise-wide Information Security program.
Documentation and Document Control
* Act Subject Matter Experts (SMEs) as required to gather, record, and document information about processes, procedures, and operations for Third Party Security Risk Management
* Use tools and platforms to store and archive documents and artifacts produced
* Administer creation, updating, and preparation of final versions of documents, including Policy, Standard Operating Procedures (SOP), Work Instructions
* Develop and maintain records of documentation, including dates, sources, versions, authors, etc. as appropriate and/or required
* Coordinate with CISO team and other teams as needed to identify areas of improvement for processes, procedures, workflows
Risk Assessment and Program
* Oversee all phases of the third-Party information security risk assessment and program
* Evaluate the third-party information security posture and help identify third party information security control gaps following IPG policies and procedures
* Oversight of the third-Party Remediation process and monitoring
* Oversight of the Exception Management process
* Assist CISO team with information security improvement projects
* Assist in special projects on an as-needed basis
* Administer information security training as required.
* Assist in drafting and distributing emails to global, regional, and agency IT leads
* Assist CISO team members with day to day support and questions that arise.
* Contribute to the Information Security program's goals and objectives.
* Manage various trackers and ensure they are up-to-date
* Assist in producing management metrics and dashboards
* Prepare data for analysis
Meetings and Presentations
* Assist in developing and updating presentations used for various meetings
* Setup and manage meetings and distribute minutes to attendees in a timely manner
* Bachelor's Degree in one of the following programs:
Management/Computer Information Systems (or equivalent)Information Assurance (or equivalent)
* Required experience in cybersecurity risk management
* Knowledge of IT and security controls required
* Preferably experience with Third Party security Risk Management
* Strong Microsoft Word, PowerPoint, Outlook, and Excel skills required (including use of pivot tables and V-lookups)
* Microsoft Visio and SharePoint experience preferred
* Strong interpersonal skills, ability to effectively interface with senior management, overall computer, analytical, organizational and time management skills
* Good written, listening and verbal communication skills
About Interpublic Group
The Interpublic Group of Companies (Interpublic Group, IPG) is a global provider of advertising and marketing services.