Third Party Risk Analyst

Job Summary

A company is looking for a Lead, Third Party Risk Analyst.

Key Responsibilities:

• Conduct thorough third-party risk assessments and evaluate security controls
• Utilize a GRC platform to manage and automate risk assessments and enhance the risk management program
• Analyze security and compliance reports, and track remediation efforts for identified risks

Required Qualifications:

• 5+ years of experience in security risk assessments or vendor security evaluations
• Strong experience with OneTrust or similar GRC tools
• Knowledge of security frameworks such as SOC 2, ISO 27001, and NIST 800-53
• Familiarity with security best practices for cloud services
• Understanding of third-party risk management processes