Motion Recruitment - Arlington, VA
posted 2 months ago
Full-time
Arlington, VA
Administrative and Support Services
About the position
The Vendor Risk Management Analyst will work closely with cross-functional teams, internal business stakeholders, and third-party vendors to lead risk assessments and manage the complete third-party lifecycle. This role is essential for ensuring adherence to risk management policies and procedures while building effective relationships to oversee vendor performance and incident response efforts.
Responsibilities
- Maintain an up-to-date inventory of third-party vendors and engagements, ensuring adherence to risk management policies and procedures.
- Conduct risk assessments for both new and current vendors, identifying and evaluating potential risk factors.
- Partner with internal account managers and vendors to ensure due diligence questionnaires are completed and returned promptly.
- Build and maintain effective relationships with third parties and internal stakeholders to support collaboration and align on risk management goals.
- Assist with incident response efforts by coordinating with impacted vendors.
- Work with the Procurement team to manage vendor onboarding and offboarding processes.
- Provide regular updates and metrics on Vendor Risk Management operations.
- Stay current with industry trends, regulatory updates, and new risks related to third-party risk and vendor management.
Requirements
- 2-3 years of experience in an information security or vendor risk management role.
- Excellent written communication skills, with the ability to produce clear security assessments, documentation, reports, and metrics.
- Strong planning and organizational skills, able to collaborate effectively with both technical and non-technical teams.
- Familiarity with security standards and frameworks, such as ISO 27001, NIST, etc.
- Bachelor's degree or equivalent in Computer Science or a related field.
Nice-to-haves
- Security certifications like CISA, CISSP, GSEC, or Security+ are a plus.
- Experience with Third-Party Risk Management Platforms (TPRM) is a plus.
- Knowledge of the homebuilding and mortgage industries is beneficial.
