Currently I am a Senior Cybersecurity Analyst I joined a team that had a main goal the evaluation of vendors for the company. The main purpose was to evaluate the risk associate to each vendor regarding their security controls on their information technologies to ensure our vendors had the security controls in place to handle the company's and their clients data.
My main responsibility in this team is to lead the efforts to evaluate the company's vendors in latin America. I am responsible to ensure that our vendors comply with the company's security requirements in Mexico, Colombia, and Chile, for a year I also worked with Brazil vendors as well and to help our business partners to be aware of any risks associated to information security associated to the vendors they already work with and also for the new vendors that will be working with the company.
As part of my role I am responsible to ensure that all risks detected are reported and are remediated and to ensure that non-complaint controls are documented and risk exceptions are in place in case a vendor canot remediate any risk identified.