As a tech-savvy GRC team member, the Vendor Security Specialist will play a pivotal role in managing third-party vendor and service provider risks, necessitating a deep understanding of cloud, IT, and security principles. The role demands close collaboration with various departments to assess, monitor, and report on risks, safeguarding operations and upholding industry standards. Responsibilities include tracking and addressing high-priority findings with vendors, communicating with technical vendor representatives, implementing new features, troubleshooting, and collaborating with engineering teams to enhance the system.
Qualifications:
- 2+ years of experience supporting the TPRM function.
- Compliance knowledge: Familiar with SOC2, ISO 27001:2022, ISO 27017, ISO 27018, data security, contract terms, disaster recovery, and insurance.
- Technical proficiency: Strong understanding of cloud technologies (AWS, Google Workspace), version control (GitHub), and enterprise apps (Salesforce).
- TPRM & SSPM expertise: Experience with TPRM tools (Panorays, Rescana) and SSPM tools (Wing Security, Grip Security).
- Security knowledge: Familiar with security best practices, access control models, vulnerabilities, and analyzing Penetration Testing, SOC 2 Type 2, and PCI AOC reports.
- Analytical skills: Able to analyze complex data, identify patterns, and draw conclusions.
- Communication: Excellent written and verbal skills, with the ability to communicate technical information to both technical and non-technical audiences.
- Problem-solving: Strong troubleshooting skills and ability to develop effective solutions.
Bonus points:
- Experience in handling 3rd party risk assessments with technical orientation.
- Experience in a SaaS technologies company.
A day in the life and how you’ll make an impact:
- Coordinate with vendor owners to complete questionnaires and submit required documentation for third-party risk assessments.
- Provide guidance to vendor owners by asking questions, analyzing feedback, and extracting useful information.
- Ensure due diligence, risk assessments, and stakeholder communications are documented per Melio’s policies and guidelines.
- Oversee risk assessments for new and ongoing third-party relationships in line with Melio’s TPRM and Enterprise Risk Management Frameworks.
- Support audit reviews, regulatory exams, and internal risk assessments.
- Assist in TPRM training and awareness initiatives across the organization.
- Track, analyze, and prioritize findings from system reviews and security assessments; collaborate with vendors on timely remediation.
- Maintain effective communication with technical vendor representatives to address security concerns and drive remediation.
- Conduct third-party security evaluations for new systems based on organizational needs.
- Troubleshoot technical issues and integrate new plugins into the GRC system; implement features to improve GRC processes and security.
About the hiring department:
Our Security department protects the organization's valuable data and systems from cyber threats. We ensure confidentiality, integrity, and availability of critical information through a combination of technology, processes, and expertise. We are a team of dedicated professionals driven by a shared mission: to be the safest, most secure payment platform.
About Melio:
Melio builds business-to-business (B2B) payment tools so small business owners can spend less time in the back office and more time on their craft. As the fastest-growing B2B payment platform in the US, Melio is working hard to find new and better ways to help small businesses succeed in the ways that work best for them.
With offices in New York and Tel Aviv, and a vibrant work culture, Melio is expanding every single day. We are a diverse group of people who love what we do and do what we love. If you are a driven and passionate team player, you will fit right in. We are an equal-opportunity employer and are always on the lookout for top-notch talent—please reach out if you would like to join us on this exciting journey!
What We Do
When we started Melio, we wanted to totally reinvent the way businesses pay each other. More than an efficient accounts payable tool, we’ve created a digital B2B payment platform that not only saves time but also improves cash flow. With Melio, you choose exactly how you pay and get paid, and stay on top of invoices for good. Every transaction is simple and seamless. We’re proud to help our growing community of businesses spend more time with their customers—and less time with their books.
Why Work With Us
Our culture and people are our top priorities. We champion a team that fosters DEI in all aspects. Our #TeaMelio is made up of hardworking go-getters, and we love to celebrate the successes of our team and the continued success of our growing company! Melio fosters collaboration and transparency both internally and externally.