Vendor Security Consultant


  • Responsibilities:

    1. Vendor Security Risk Analysis (60% of role)

    • Perform all aspects of the security and risk assessment of suppliers and vendors through complex qualitative and quantitative review of risk indicators, threats, and assets

    • Evaluate suppliers’ security practices and provided documentation to identify the security posture and capability to securely manage our information and assets

    • Lead and perform the onsite assessment, using technology and information security experience to identify compliance and risks.

    • Identify control gaps and vulnerabilities with suppliers and work with leadership and suppliers to address security concerns and remediation in a timely manner

    • Document assessment results distilling complex analysis into a clear and understandable manner for supplier and business leadership audiences

    • Provide guidance to the business relationship managers to ensure their understanding, support and acceptance of the risks involved in doing business with each supplier.

    • Verify remediation has been adequately implemented before closing open supplier security findings

    • Assist with the negotiation of supplier contracts with respect to security requirements and articulate risk to supplier and business managers when suppliers do not agree to security terms

    • Develop effective relationships with business relationship managers, suppliers, and vendor management teams to enable successful navigation of delicate topics

    • Escalate issues related to suppliers as necessary in a timely manner


    2. Internal Security Risk Analysis (20% of role)

    • Conduct analysis and assessment of information security processes and system controls against corporate, regulatory, and internal information security compliance standards

    • Provide guidance to information security functional teams with implementing, monitoring, and reporting of control processes, documentation, and compliance measures

    • Identify internal control gaps and vulnerabilities and work with leadership to address security concerns and remediation in a timely manner

    • Document assessment results distilling complex analysis into a clear and understandable manner for leadership audiences

    • Verify remediation has been adequately implemented before closing open security findings

    • Develop effective relationships with internal security and technology teams to enable successful navigation of delicate topics

    • Escalate issues as necessary in a timely manner


    3. Governance and Engagement (20% of role)

      • Deliver reporting and metrics to demonstrate volume, value and trending of all vendor security activities

      • Identify opportunities for process improvements to deliver increasing efficiency and risk quantification in the processes.

      • Assist with Risk and Vendor Security program initiatives working closely with the Information Security team and other business areas

      • Support internal education and best practices sharing with peers and colleagues, as well as third party education & awareness, as needed

      • Understand the role of the security department and how it contributes to the overall goals and business strategy of the Company.

      • Proactively develop courses of action to ensure assigned goals are met without being prompted to do so.

      • Adapt to meet new challenges and changes in Company and technical security direction and understand the business needs and challenges to recommend strategies.


  • Requirements:

    Must haves:

    • 2-5 years of relevant work experience

    • Demonstrated understanding of cyber security risk management concepts, cybersecurity frameworks, and security technologies

    • Knowledge of information security fundamentals, best practices and industry standards with prior responsibilities of protecting information assets

    • Detailed knowledge and experience in security and regulatory frameworks including ISO 27001, NIST 800-53, FFIEC and other control standards

    • Excellent verbal and written communication skills

    • Excellent interpersonal skills

    • Excellent documentation and organizational skills

    • Associate Two-Year College Degree


    Preferred experience/skills:

    • 5-10+ years of relevant work experience

    • Knowledge of multiple security areas such as: security architecture, identity management/governance, incident response, security risk, and audit/compliance functions

    • Strong experience with large enterprise environments and information security systems

    • Demonstrated ability to effectively communicate with business groups including legal attorneys

    • CISSP and/or CISM security certification

    • Other cyber risk industry certifications

    • Four-Year College Degree (BA/BS) or Master's Degree



Plano, Texas 32801





Snelling Corporate Office

4055 Valley View Lane, Suite #700
Dallas, TX, 75244

(800) 411-6401

(972) 239-7575