Good understanding of vendor risks assessment methodologies is desired
- Clear understanding of risks and controls and also should know to assess findings and articulate the risks in the context of a client's risk management framework and recommend areas of improvement
- Testing of controls, identification of deficiencies, clear and concise documentation skills
- Should be updated on latest information security risks and vulnerabilities
- Clear understanding of IT controls as listed in ISO 27001.
Experience in PCI and other IT Security Standards along with ISO 27001