Bachelor's degree in cyber security, information systems, or related field or equivalent level of experience
TECHNICAL/SOFT SKILLS
Critical and structured thinking, formal analytic methods
Solid understanding of security applied to OS, applications, networking, cloud, mobile, etc.
Ability to perform under pressure and handle multiple priorities
Ability to self-motivate and work independently
Strong organizational skills
2+ years information security experience
1+ years experience performing vendor security assessments / vendor due diligence
Preferred
Experience responding to client due diligence inquiries
COMMUNICATION SKILLS
Required: Excellent written and oral communication
Preferred: Ability to translate technical terms into layman's terms
Additional Information
We are the leading provider of professional services to the middle market globally. Our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM.
The Information Security Governance Analyst is responsible for multiple information security governance, risk, and compliance-related activities. This includes reviewing the security posture of vendors, coordinating information security audit activities, and supporting client due diligence by responding to client security questionnaires, requests for proposal, and requests for information. Responsibilities include managing information security program and security awareness documentation and content.
Essential Duties
Audit & Assessment Liaison Activities: Liaise, plan and coordinate information security audits including coordination with auditors and control owners. Liaise with auditors to gather and evaluate evidence for information security audits, drive remediation efforts and report on potential risks. Conduct mock audits and control reviews. Communicate the effectiveness of security controls to leadership.
Perform Vendor Due Diligence: Review the security posture of vendors and third parties. This includes reviewing responses to vendor security questionnaires, writing assessment reports, and communicating risks to the Line of Business contacts.
Provide Client Due Diligence Support: Respond to and complete client security questionnaires, requests for proposal, and requests for information.
Manage Information Security Program Documentation: Review and update information security policy, standards, procedures and related documentation. Provide subject matter expertise in the areas of security policies, standards and related compliance.
Manage Security Awareness Content: Manage phishing tests, coordinate updates to security awareness course content and periodic articles, and report / escalate delinquencies.