居家办公 Third Party Risk Assessment Analyst 工作, 薪水, Automate Buddy 公司招聘中 - Ricebowl

Job Summary

The Contractor - Third Party Risk Assessment Analyst will be responsible for evaluating the security and compliance posture of third-party vendors and partners. This role involves identifying potential risks, assessing mitigation measures, and ensuring that third-party relationships align with FWD's security policies and regulatory requirements.

Responsibilities

• Conduct comprehensive risk assessments of third-party vendors and partners.
• Evaluate vendors' security policies, procedures, and controls to ensure they meet FWD's standards.
• Identify potential risks associated with third-party relationships and recommend appropriate mitigation measures.
• Collaborate with internal stakeholders to gather necessary information and ensure a thorough assessment process.
• Maintain up-to-date records of third-party risk assessments and findings.
• Provide detailed reports and risk ratings for third-party vendors.
• Assist in the development and improvement of third-party risk management policies and procedures.
• Monitor and track remediation efforts by third parties to address identified risks.
• Stay current with industry best practices, regulatory requirements, and emerging threats related to third-party risk management.

Required Skills

• Bachelor’s degree in Information Security, Risk Management, Business Administration, or a related field.
• 3 or more years of experience in third-party risk assessment, vendor management, or a related area.
• Strong understanding of information security principles, risk management frameworks, and regulatory requirements (e.g., GDPR, CCPA, PCI-DSS).
• Experience with risk assessment methodologies and tools.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with internal and external stakeholders.
• Detail-oriented with strong organizational skills.
• Relevant certifications (e.g., CISA, CISM, CISSP, CRISC) are a plus.

Required Qualification

• Experience working in the financial industry.
• Familiarity with third-party risk management software and platforms.
• Ability to manage multiple assessments simultaneously and meet deadlines.