Third Party Risk Analyst

The Third-Party Risk Analyst is responsible for analyzing data and providing meaningful insights and recommendations to support the Procurement Team and business units in managing third-party risks. This includes evaluating vendor risk assessments, interpreting subject matter expert responses, and assessing overall controls to identify areas of concern or opportunities for improvement. The role focuses on reviewing vendor risk performance, monitoring fulfillment with program and policy objectives, and delivering actionable analysis to inform decision-making. The Third-Party Risk Analyst will also identify and propose viable solutions to address identified risks and challenges, ensuring they align with business needs and objectives. Additionally, the role involves preparing clear, impactful reports and fostering effective communication to support stakeholders, as well as assisting with audit and regulatory reviews as needed.

#LI-DNI

• 3-5 years of experience in Vendor/Third Party Risk Management or a related field.
• Bachelor’s degree in Business, Risk Management or a related field and/or commensurate experience.
• Experience with administration of vendor management systems (e.g., Zycus, Onetrust, GRC systems) including ability to build requirements and reports.

Location

Remote

Behavioral Competencies

• Collaborates
• Communicates Effectively
• Customer Focus
• Decision Quality
• Nimble Learning

• Supports Third Party Management solution administration, including issue management (user questions, defects, errors, failures, etc.). Analyzes, recommends, and develops Third Party Management solution enhancements, including requirements gathering and vetting.
• Monitors internal and external user group compliance to program and policy objectives and administers Third Party Management reporting, including building, publishing, and disseminating reports.
• Manages and enhances the third-party risk management program which includes employing best practices and standardizing processes, procedures, and tools to assess vendor risks.
• Performs due diligence activities on potential third-party vendors or partners to assess their capabilities, reputation, and compliance with relevant laws and regulations which involves conducting background checks, reviewing financial statements, assessing legal and regulatory compliance, and evaluating vendor policies and procedures.
• Collaborates with business unit leaders and subject matter experts (e.g., information security, business continuity, legal, and compliance) to provide effective oversight and risk management of vendor relationships and performance.
• Ensures that program design and management effectively mitigate operational and compliance risks related to the company’s vendors in accordance with regulatory requirements, business needs and contractual terms.
• Maintains an understanding of the different functional areas of the company and the needs of the business units as well as relevant regulatory guidance.
• Identifies opportunities for continuous improvement in the third-party risk management program and drives initiatives to enhance the effectiveness and efficiency of the program.
• Assists in the development and maintenance of policies, procedures, and standards related to third-party risk management. Supports preparation for and responses to audit and regulatory reviews.
• Prepares periodic reports for Procurement leadership and supports audit and examination requests for information to monitor the effectiveness of the vendor management program.
• Develops and conducts training related to program requirements and user training related to vendor management technology solutions. Supports communication and change management as needed for the third-party management program.