Vendor Management Risk Analyst

$88,300 - $121,375/Yr

Legal & General America - Frederick, MD

posted 2 months ago

Full-time - Mid Level
Hybrid - Frederick, MD
Management of Companies and Enterprises

About the position

The Vendor Management Risk Analyst at Legal & General America plays a crucial role in managing vendor risk in alignment with internal policies and regulatory requirements. This position involves evaluating, monitoring, and managing risks associated with vendors that access the organization's data or systems. The analyst will collaborate with various departments to assess security, privacy, compliance, and operational risks posed by vendors, implementing strategies to mitigate these risks and safeguard the company's interests.

Responsibilities

  • Facilitate the on-time completion of initial and recertification reviews, including collecting and assessing vendor questionnaires, audit reports (SOCs), and security documents; assess and document the risk and the conclusions drawn from the assessment.
  • Track and conduct comprehensive risk assessments of vendors, based on a periodic schedule, to evaluate their capabilities, controls, and adherence to internal policies, standards, and regulatory requirements.
  • Compose an assessment report containing findings and recommendations, and present it to the business and the vendor.
  • Develop and implement risk mitigation strategies and action plans to address identified risks and vulnerabilities associated with vendor relationships, and coordinate with business stakeholders to monitor and drive resolution.
  • Ensure the appropriate risk tier is assigned and due diligence is completed by performing a deep-dive analysis.
  • Monitor and track vendor risk indicators, including cybersecurity incidents and regulatory changes, to assess the ongoing risk exposure and potential impacts.
  • Provide regular reporting to senior management on the status of vendor risk management activities and key findings.
  • Stay informed about regulatory changes, industry trends, emerging risks, and best practices in vendor management to enhance the organization's vendor management capabilities and practices.
  • Update the vendor management system continuously, track key vendor metrics, and perform other duties as assigned in support of the Front Office.

Requirements

  • Bachelor's Degree in Risk, Business, Business Technology, Cybersecurity, or a related field (may consider equivalent combination of education and experience).
  • 3 to 5 years of relevant work experience (e.g., vendor management, information security, third party risk management) with insurance industry experience preferred.
  • Strong understanding of vendor management lifecycle and vendor risk management principles, methodologies, and best practices.
  • Subject matter expertise in SSAE 16, SOC 2, Shared Assessments, etc.
  • Broad knowledge of information security and privacy fundamentals, and experience in applying security frameworks such as NIST or ISO 27000.
  • Proficient in the design and implementation of effective control frameworks.
  • Detail-oriented and organized, with the ability to manage multiple priorities and deadlines in a fast-paced environment.
  • Proficiency in using vendor management tools, software, and technologies to support third-party risk assessment and monitoring activities.
  • Excellent analytical, problem-solving, and critical-thinking skills, with the ability to assess complex situations and make informed risk-based decisions.
  • Demonstrated solid written and oral business communication and presentation skills, with the ability to communicate effectively with, and influence, all levels of the organization.

Benefits

  • 401(k) matching
  • Dental insurance
  • Health insurance
  • Paid holidays
  • Volunteer time off