Third Party Risk Assessment Analyst - REMOTE

Job Description

The Third-Party Risk Assessment Analyst is responsible for identifying, assessing, and mitigating risks associated with the organization’s third-party vendors. This role involves conducting thorough risk assessments, monitoring vendor performance, and ensuring compliance with regulatory and internal security standards.

This is a REMOTE long-term contract opportunity.

Responsibilities

• Conduct comprehensive risk assessments of third-party vendors to identify potential security, operational, and compliance risks.
• Develop and maintain relationships with third-party vendors to ensure they meet the organization’s risk management requirements.
• Perform initial and ongoing due diligence on vendors, including reviewing their security controls, financial stability, and compliance with relevant regulations.
• Continuously monitor third-party risk landscape and report findings to senior management. Develop and maintain metrics and dashboards for tracking risk assessment status and outcomes.
• Ensure that third-party vendors comply with relevant legal and regulatory requirements, as well as internal policies and standards.
• Maintain detailed records of risk assessments, due diligence activities, and vendor communications.
• Assist in managing incidents related to third-party vendors, including data breaches or contract violations.
• Work closely with internal stakeholders, including procurement, legal, IT, and business units, to ensure effective third-party risk management.
• Provide training and guidance to internal teams and vendors on third-party risk management best practices and requirements.
  
  

Qualifications

• Minimum of 3-5 years of experience in risk management, compliance, information security, or a related field, with a focus on third-party risk.
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Proficiency in using risk assessment tools and methodologies.
• Ability to manage multiple projects and priorities in a fast-paced environment.
• Strong attention to detail and organizational skills.
• Knowledge of regulatory requirements (e.g., GDPR, CCPA, SOX) and industry standards (e.g., ISO 27001, NIST).
• Familiarity with information security frameworks, vendor risk management software, and data protection principles.
• Bachelor’s degree in Risk Management, Business Administration, Information Security, or a related field. Advanced degree or relevant certifications (e.g., CRISC, CISA, CISM) preferred.
  
  

This is a remote, work from home position. This role is to be filled outside the states of California and Colorado.

**We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, ethnic origin, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.**