Third Party Security Risk Assessor

Infotech Sourcing - Menlo Park, CA

Job Title: Third Party Security Risk Assessor 8224875

Job Location: Menlo Park

Job Duration:6 Months

Duties: Facebook is seeking a Third Party Security Risk Assessor to join the Information Security team. This position will be responsible for understanding and executing third party reviews as part of Facebook's Third Party Risk Security Program. The Third Party Security Review specialist will be someone that has a passion for evaluating security risk posed by vendor relationships along with internal Facebook processes and technologies while empowering Facebook's culture of rapid innovation and helping demonstrate Facebook's dedication to security to the world. This role requires a mix of broad business and technical acumen, evaluating risk, and a polished ability to communicate. This is a contract position.

Skills: Responsibilities

  • Help demonstrate Facebook's commitment to security to internal and external stakeholders

  • Complete security reviews of third parties doing business with Facebook

  • Understand technical implementation details necessary to identify and assess security risks and recommend mitigating controls

  • Participate in the development and oversight of required corrective action plans relating to security risk issues specific to security reviews completed

  • Understand business process and requirements relative to the specific vendor security reviews


  • Experience assessing Information Security risk with strong preference given to individuals who have completed vendor security risk reviews and technical risk assessments;

  • 3+ years of proven experience working on Information Security teams or projects;

  • Strong program and project management skills required;

  • Experience with developing security reporting that is meaningful and actionable for a variety of audiences including internal stakeholders and external third parties;

  • Knowledge and understanding of security controls across all security domains such as access management, encryption methods, vulnerability management, network security, physical security, etc.;

  • Understanding of processes for risk evaluation and assessing third parties across diverse industries and against a broad range of security requirements;


Bachelors in business and technology preferred or equivalent experience.

Posted On: Tuesday, May 22, 2018

Apply to this job