Dear All,
Vertex Elite is currently seeking a qualified Cyber Security Engineer.
If you or someone you know is interested, please feel free to reach out for more details or share your updated resume.
Work Authorization: USC or any valid USA work authorization
Job Type: W2 position with Vertex Elite LLC
Location: Salem, New Hampshire, United States
Roles and Responsibilities:
- Possess 12+ years of experience in Information Technology, with extensive expertise in Cyber Security, Information Security, Risk Management, and Compliance domains.
- Conduct comprehensive third-party/vendor risk assessments to identify, evaluate, and mitigate security, compliance, operational, and business risks.
- Review vendor security documentation, including security policies, SOC reports, ISO certifications, penetration test reports, and compliance attestations.
- Assess vendor security controls against industry-standard frameworks such as NIST Cybersecurity Framework (CSF), ISO/IEC 27001, and CIS Controls.
- Perform risk analysis and determine the potential impact of third-party relationships on the organization's security posture.
- Collaborate with procurement, legal, business, and technology teams throughout the vendor onboarding, due diligence, and risk assessment lifecycle.
- Identify security control gaps and develop risk mitigation strategies and remediation plans for vendors and internal stakeholders.
- Monitor remediation activities and ensure timely resolution of identified security and compliance findings.
- Evaluate and validate security controls through control testing, evidence reviews, and audit support activities.
- Support regulatory and compliance requirements, including SOX, GDPR, and other applicable standards and regulations.
- Review access management processes to ensure adherence to least-privilege principles, role-based access controls, and time-bound access requirements.
- Conduct periodic reviews of vendor risk profiles and recommend appropriate risk treatment actions.
- Prepare detailed risk assessment reports, executive summaries, risk registers, and dashboards for management and stakeholders.
- Participate in internal and external audits by providing security documentation, evidence, and compliance support.
- Maintain and improve Third-Party Risk Management (TPRM) policies, procedures, standards, and governance frameworks.
- Track emerging cybersecurity threats, vulnerabilities, regulatory changes, and industry best practices impacting vendor risk management.
- Partner with Information Security, Risk, Compliance, Audit, and Infrastructure teams to strengthen organizational security controls and governance.
- Provide strategic recommendations to enhance security posture, compliance readiness, and overall risk management effectiveness.
- Facilitate risk review meetings and effectively communicate security risks, findings, and remediation status to technical and non-technical stakeholders.
- Develop and maintain comprehensive documentation, policies, procedures, and control matrices related to cybersecurity and vendor risk management.
- Translate technical security risks into business-focused recommendations and actionable remediation plans for leadership and stakeholders.
- Support continuous improvement initiatives across cybersecurity governance, risk management, compliance, and third-party risk programs.
With Best Regards,
Varun Kumar | Vertex Elite LLC | E-Verified Company | www.vertexelites.com