Security Assessment Specialist (Third Party Risk Management)

Accenture is a leading global professional services provider, covering a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions—underpinned by the world’s largest delivery network—Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 740,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives.

What will you do:

• Conduct risk assessments (ideally of third-party vendors) against security standards, such as ISO 27001 and NIST.
• Identify potential security threats.
• Develop and implement risk management strategies, and ensure compliance with ISO 27002 standards.
• Analyze and evaluate security controls and policies (evidence).
• Recommend mitigation actions related to identified risks.
• Report and communicate identified risks to stakeholders.
• Monitor of status of implementation of mitigation actions and support.
• Provide expert guidance and support to the project team.

• Hybrid work.
• Permanent employment contract or B2B (depends on the role).
• Private medical care, life insurance and employee share program.
• Access to the MyBenefit platform (possibility of using a wide range of products and services, including the Multisport card).
• Individual support of a People Lead and a specific path of professional development, as well as the possibility of a session with a Coach.
• A wide training package (soft, technical and language training offer, access to the e-learning platforms, possibility of co-financing courses and certification).
• Employee Assistance Program - legal, financial and psychological consultations.
• Paid employee referral program.

As part of this announcement, we propose the possibility of hybrid work, understood as working from home, where possible visits to the office will depend on project circumstances. For people working in this mode, we provide exactly the same development path and opportunities as for people working from offices, as well as physical integration meetings. If you have any questions or doubts, we encourage you to apply and contact us directly.

• 2+ years of experience in security assessments or cyber risk management (ideally including TPRM).
• Master proficiency in Third Party IT Risk Management and expert proficiency in ISO 27002.
• Understanding of concepts of cyber security controls in IT areas (e.g. Access management, Application security).
• Knowledge of security assessments methodology.
• Communication skills.
• Good self-organization.
• Good English skills (at least B2 level).
• Analytical and problem-solving skills.
• Practical understanding of IT security standards such as ISO27001, NIST, OWASP.

Nice to have:

• General understanding of IT & security technologies.
• Certifications such as CISA, CISSP or CISM.