Third Party Risk Monitoring Risk Analyst

Key Responsibilities:
• Monitor, evaluate, and report on third-party risk management activities to ensure risks are identified, assessed, and mitigated effectively.
• Lead comprehensive assessments of third-party vendors to manage potential risks in both cyber and non-cyber areas.
• Develop, implement, and maintain robust third-party risk monitoring processes, tools, and procedures.
• Collaborate closely with business and technical teams to align risk mitigation strategies with business goals.
• Track and report on the success of risk mitigation measures, providing regular updates to management.
• Stay informed about current regulations, standards, and frameworks related to third-party and cyber risk management.
• Enhance the Third-Party Risk Monitoring Program by offering insights and aligning with strategic objectives.
• Manage the TP Risk Monitoring platform: triage vulnerability alerts, evaluate risks within the vendor portfolio, communicate effectively with vendors, and track remediation efforts.
• Oversee zero-day events and breaches, assess potential impacts, collaborate on resolutions, and ensure remediation actions are completed promptly.
• Regularly assess the vendor portfolio's hygiene, including residual risks, rating shifts, concentration risks, and fourth-party exposures.
• Build strong relationships with internal SMEs and external vendors, fostering cooperation on identified risks.

What You Need:

Must-Have Qualifications:
• At least 7 years of experience in Third-Party Risk Management, including methodologies, processes, regulatory guidance, and industry standards (e.g., ISO, NIST, PCI DSS, Privacy).
• Minimum 5 years of practical experience with TP Risk Monitoring platforms, tools, and technologies in both cyber and non-cyber domains.
• Proven expertise in leveraging technology for continuous risk monitoring.
• Self-motivated and able to thrive independently and as part of a team.
• Proactive and adaptable to a fast-paced, agile business and technical environment.
• Demonstrated leadership experience, including mentoring junior staff.
• Passion for third-party risk management and a willingness to continue learning.
• Bachelor’s degree or equivalent professional experience.

Preferred Certifications:
• Certifications in Third-Party Risk Management, such as CRVPM, Shared Assessments CTPRP, and/or CTPRA.
• Additional certifications in related risk disciplines like Information Security, Auditing, and Risk Management (e.g., CISM, CISSP, CRISC, CISA).

Connor Nurse