Remotery

Third Party Risk Management Analyst

atCrowdStrikeUS flagUnited StatesFull-timeBusiness AnalystMid-levelSenior$85k – $120k/year

Posted 3 hours ago

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee and enhance CrowdStrike's Third Party Risk Management program, which includes policies, standards, procedures, and assessment methodologies.

• Execute security risk evaluations of third-party vendors, assessing controls across multiple domains such as data security, access management, incident response, business continuity, and compliance.

• Classify and prioritize vendors based on risk factors like data sensitivity, operational reliance, and regulatory requirements.

• Manage vendor risk findings, remediation strategies, and exceptions, collaborating with vendors and internal stakeholders to resolve issues promptly.

• Keep track of the third-party risk landscape, including emerging threats, regulatory changes, and vendor security incidents, while communicating relevant updates to stakeholders.

• Create and maintain TPRM dashboards and reporting tools to offer visibility into vendor risk posture and program health.

• Design and deliver training and communication to internal stakeholders regarding TPRM processes, requirements, and responsibilities.

• Identify ways to automate and enhance TPRM workflows, utilizing GRC tools and integrations to boost efficiency and scalability.

• Proactively detect gaps in the TPRM program and lead initiatives to address and remediate them.

• Carry out additional responsibilities within the scope of Third Party Risk Management and broader Cyber GRC.


⛳️ Requirements

• Bachelor's degree in Computer Science, Information Security, Business, or a related field; or up to 5 years of relevant experience.

• Technical expertise in third party risk management, vendor risk, supply chain security, or related fields.

• Familiarity with GRC or TPRM platforms such as ServiceNow, OneTrust, ProcessUnity, or comparable tools.

• Strong comprehension of security risk assessment methodologies and control frameworks relevant to third-party environments.

• Knowledge of regulatory requirements and frameworks such as SOC 1/SOC 2, ISO 27001/27002, NIST 800-53, CSA-CCM, GDPR, and PCI-DSS as they pertain to vendor relationships.

• Experience in assessing vendor security documentation, including SOC reports, penetration test results, and responses to questionnaires.

• Demonstrated experience in utilizing AI technologies to improve decision-making, streamline workflows, enhance efficiency, and drive business outcomes.

• Preferred certifications: CISSP, CISM, CRISC, or equivalent security certifications.

• Certifications related to third party risk such as CTPRP (Certified Third Party Risk Professional) are advantageous.

• Ability to strategically assess supply chain and vendor risks and relate them to CrowdStrike's overall risk posture.

• Strong analytical and problem-solving abilities to evaluate vendor controls, identify gaps, and prioritize remediation efforts.

• Excellent communication skills to effectively convey technical risk findings to non-technical stakeholders, including executives and procurement teams.

• Proven capability to establish and maintain relationships with external vendors and internal cross-functional partners.

• Leadership skills to conduct vendor risk assessments, manage remediation efforts, and influence stakeholders without direct authority.

• Experience in managing risk programs or projects, including scoping, stakeholder coordination, and tracking deliverables against timelines.


🏝️ Benefits

• Market leader in compensation and equity awards.

• Comprehensive physical and mental wellness programs.

• Competitive vacation and holidays for recharging.

• Paid parental and adoption leaves.

• Professional development opportunities for all employees regardless of level or role.

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to foster connections.

• Vibrant office culture with world-class amenities.

• Great Place to Work Certified™ globally.

People also viewed

Expleo Group3 hours ago

Business Process Analyst – Payroll

PT flagPortugal OnlyFull-timeBusiness Analyst
ApplyView job
Gramian Consulting3 hours ago

LLM Business Analyst

US flagAlabama, +22 more statesFreelanceBusiness Analyst$10/hour
ApplyView job
Extractta3 hours ago

Senior Business Analyst – Pensions

BR flagBrazil OnlyFull-timeBusiness Analyst
ApplyView job
Quid3 hours ago

Insights Analyst

US flagUnited States OnlyFull-timeBusiness Analyst$85k – $95k/year
ApplyView job
Windward Risk Managers3 hours ago

Business Analyst I, II, III – Claims

US flagFlorida OnlyFull-timeBusiness Analyst$80k – $109k/year
ApplyView job
Motorola Solutions3 hours ago

Process Analyst – Business Process Excellence, Technology

US flagColorado, +4 more statesFull-timeBusiness Analyst$90k – $100k/year
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers