All roles

REMOTE Supplier Risk Analyst

Remote · USA Full-time New today

Supplier Risk Analyst The Supplier Risk Analyst will be responsible for reviewing supplier documents, consulting with appropriate departments and compiling information into a summary for the teams use.

Responsibilities

  • Coordinate and perform supplier security risk reviews:
  • Review incoming documents from Suppliers (e.g., SOC 2 Type II reports, high level system architecture diagrams, information security policies)
  • Consult with other shared service departments, as appropriate (e.g., Procurement, Privacy, Operational Risk, Legal)
  • Compile information into a summary report, highlighting concerns in the form of a risk report/profile for a supplier or particular engagement
  • Support reporting and analysis of supplier security risk:
  • Monitor key supplier changes and risk indicators.
  • Issue monitoring, exception tracking and oversight of remediation actions to improve overall Supplier performance
  • Define, measure and monitor progress of supplier risk management activities (Issue Tracking, Risk Remediation Efforts, Key Supplier Metrics)
  • Create reporting materials detailing program activities, supplier metrics and issue remediation
  • Maintain supplier data accuracy within designated systems.
  • Provide guidance and training to stakeholders on supplier risk management policies and procedures.

Experience:

  • Bachelor’s degree in Business Information Systems, Computer Science or similar.
  • Minimum four years related experience, including at least two years of third party risk management experience conducting risk or compliance assessments
  • Understanding of information security frameworks and standards (e.g., NIST 800-171, ISO27002/27002, PCI, GDPR)
  • Ability to document and communicate assessment results clearly and concisely
  • Knowledge of supplier risk management methodologies, risk mitigation principles
  • Ability to work both independently and as part of a team to deliver quality work
  • Attention to detail, and the ability to prioritize works efficiently and effectively
  • Nice to have
  • Experience with ServiceNow and/or OneTrust.
  • Security-related certifications (CISA, CISM, CISSP, SANS GIAC)
  • Higher education and/or research institution experience
  • Understanding of higher education legal and regulatory environment (e.g.

Apply tot his job Apply To this Job

Apply

Related roles

Crypto Volatility & Risk Analyst (Remote - USA)

Remote · USA Full-time

Head of Customs Compliance

Remote · USA Full-time

Director, Compliance Program Enablement

Remote · USA Full-time

Risk Analyst

Remote · USA Full-time

Supply Chain Risk Analyst - Remote / Nationwide

Remote · USA Full-time

Risk Modeling Manager

Remote · USA Full-time

Risk and Compliance Analyst, Contract

Remote · USA Full-time

Manager, Compliance & Education

Remote · USA Full-time

Cyber Risk Analyst

Remote · USA Full-time

[Remote] Government and Public Sector - ACE - Assurance - Technology Risk - Analyst

Remote · USA Full-time

Chaplain (Part-Time) - Cross Lanes/Huntington, WV

Remote · USA Full-time

Network Compliance Architect

Remote · USA Full-time

Call Center Customer Service Representative – Overnight Shift | Remote Work Available | Language Services & Interpreter Connection Specialist

Remote · USA Full-time

Experienced Remote Data Entry Clerk – Join arenaflex's Virtual Team and Unlock a World of Opportunities

Remote · USA Full-time

Senior Manager, Clinical Applications - U.S. - Remote

Remote · USA Full-time

Experienced Remote Data Entry Specialist – Work from Home Opportunity with arenaflex

Remote · USA Full-time

VP, Strategic Sales

Remote · USA Full-time

Sr. Clinical Product Specialist, OR/NICU/PICU - Acute Care and Monitoring (Northeast)

Remote · USA Full-time

Client Travel Experience Specialist

Remote · USA Full-time

Managed Svcs Network & Security Engineer

Remote · USA Full-time