Senior Analyst 3rd Party Risk Assessment
San Francisco, CA
The Third Party Risk Assurance (TPRA) Senior Analyst role will be responsible for assessing, overseeing and facilitating cyber risk activities, including:
Assisting Businesses and coordinating with Procurement risk teams to facilitate risk identification and assessment for Third Party products/services during the on-boarding process (Third Party Evaluation).
Project manage and executing on-going risk assurance activities including re-completion of Cyber Assurance activities and oversight of Businesses to ensure continued compliance with TPRA requirements.
Project manage the enterprise TPRA service, requirements, procedures, technology, tools and templates.
Providing stakeholder guidance throughout the TPRA life cycle (Third Party Evaluation: Pre-Contract and Third Party Assurance: Post Contract) as well as facilitating escalations regarding identified third party related exceptions or events.
Work with Business Owners to ensure that third parties are classified based on the inherent and residual cyber risks for the products/services provided.
Execute cyber assurance activities on behalf of the business and ensure coordination of efforts in a timely manner. This includes, but is not limited to leveraging external security reports, performing remote or on-site deep dive security control evaluation and independent report evaluation.
Project manage completion of Business on-going risk management activities and report on instances of non-compliance or other areas of concern.
Identify and facilitate exception escalation processes to ensure appropriate stakeholders and executives across the enterprise are involved based on defined risk thresholds.
Actively monitor the exception management activities performed by the Business to ensure timely remediation or acceptance of identified exceptions.
Serve as the subject matter specialist in the development of exception remediation plans as well as the review of completion evidence and exception closure.
Generate key risk metrics, reporting and dashboards, then deliver to applicable to stakeholders and Dental leadership on a regular basis.
Ensure businesses and TPRA stakeholders receive training regarding TPRA capabilities, procedures and requirements.
Perform Quality Control (QC) and Quality Assurance (QA) on TPRA activities completed throughout the life cycle.
Oversight of third party data integrity and source of truth management within the TPRA Tool.
Management and administration of TPRA procedures, tools and corresponding support materials.
Bachelor's Degree or equivalent work experience
3+ years of experience in Third Party Risk Assurance or audit required (remote or on-site)
Deep knowledge of cyber security principles and best practices (industry certifications preferred)
Audit background, including familiarity with SOC I (SSAE16 ) and SOC II, ISO 27001, etc. preferred
Detail-oriented with strong organizational skills
Ability to independently manage and prioritize work load
Good judgment and analytical skills
Excellent oral and written communication skills
Knowledge of insurance industry preferred
Third Party Risk Assurance service design and execution experience preferred
Employment Type: Permanent
Work Hours: Full Time
Pay: $90,000 to $125,000 USD
Pay Period: Annual
Other Pay Info: Bonus
Click here to apply
Please mention that you saw the job on Business Analyst Learnings