Risk Assessor

Compliance Analyst
Full Time
Depends on Experience
Work from home not available Travel not required

Job Description

New Vendor Engagements

The Third Party Risk Management (TPRM) program defines the framework and conducts the assessments that enable the business to protect the organization and our clients from risks. The associate in this role will be responsible for the execution of due diligence for new vendor engagements. This responsibility will span from the request to review, working the business (1st line) and subject matter experts to ensure that all necessary information has been reviewed and critical issues have been identified.

Key responsibilities:
As assigned, execute due diligence for new vendor requests (VEQs)
Conduct review of new engagement and assign inherent risk score.
Partner with business (1st Line) for the collection of critical artifacts and evidence required from vendor.
Execute due diligence, risk assessments, engaging business subject matter experts as needed for review.
Identify issues resulting from assessments, work with business to ensure findings have identified owners and follow up plans.
Communicate final reports to stakeholders including vendor business liaisons, sourcing and legal.
Partner with peers and leader to ensure risk assessments are completed on time, escalate roadblocks and issues in a timely manner.
Ensure work deliverables maintain high level of quality, ensuring the appropriate identification of critical risks.
Review assessment reports and issues to ensure clarity, traceability and alignment across results.
Confirming the appropriateness of risk ratings based on engagement risk, the validation results.

Leadership Qualities:
Demonstrate strong ability to analyze information and data
Demonstrates strong subject matter expertise and sound judgement to align appropriate risk level
Conduct an assessment in a collaborative manner to effectively assess controls while maintaining business relationships
Quickly analyze information security controls, ensure clearly written assessments, and provide constructive action items to assessors
Translate security, business continuity, and operational controls into business risk
Work with diverse contacts throughout the world to achieve results
Communicate technical issues to non-technical people
Demonstrate collaborative partnership skills for working with various points of contacts
Demonstrate strong problem-solving and conceptual thinking abilities
Demonstrate capacity to think broadly but go deep into subject matter when needed

Basic Qualifications:
Bachelor s Degree
1+ years experience with related experience in information security, risk assessments, or business continuity.

Preferred Qualifications:
CISSP, or CISA, or CRISC certification
been identified.


Data Resource Technologies Inc. is an Information Technology Staffing Firm serving the markets of the United States of America; the greatest country in the world. We work with Direct Clients Only and do not participate in multi layer contracts. Earn The Most Possible and put over 60 years of Information Technology Industry experience to work for you today, Call or Apply NOW!!!

Posted By

Cody Bright

12020 Shamrock Plaza, Suite 200 Omaha, NE, 68154

Dice Id : 10124769
Position Id : RATLCB
Originally Posted : 2 weeks ago
Have a Job? Post it