Modern work management platform
productivity • collaboration • achievement • innovation • effectiveness
August 8
🏢 In-office - Bay Area
• Assess risk exposure related to third parties through enhanced risk management practices and help provide transparency into Smartsheet’s third party risk exposure.
• Support the day to day execution of the Information Security Risk Assessment process for existing and potential vendors.
• Document, organize, and track activities that result from vendor security assessments.
• Gather and organize vendor review results and data to support risk reporting and monitoring processes.
• Identify process improvement initiatives to support the Vendor Risk Management Program and related activities, and help implement and improve on the program.
• Support additional activities related to the broader risk program and team.
• Have an understanding of emerging technologies including, but not limited to, mobile and cloud technology.

• 2+ years prior work experience in risk management, information security, third party risk management, audit and/or compliance efforts.
• 2+ years prior work experience with the review of vendors, systems, or solutions as part of an internal risk assessment, procurement process, or other program.
• 2+ years practical experience with one or more risk or other industry regulatory frameworks (NIST, ISO, COSO, COBIT, AICPA TSP/SOC, PCI, etc).
• Experience with vendor risk management tools (e.g. Coupa, Archer, AuditBoard)
• Experience assessing or reviewing SOC reports, penetration testing results, or other security control attestations.
• Experience working with operational risks across multiple lines of business, legal entities, and/or jurisdictions.
• Ability to build strong internal relationships.
• Ability to assess the potential risk of an escalated issue and use business skills to evaluate impact and alternatives.
• Effective judgment, decision making, and critical thinking skills.
• Adaptability to the changing landscape of regulatory compliance requirements.

• Fully paid Health & Life insurance for full-time employees and family members
• Equity - Restricted Stock Units (RSUs) for eligible roles
• Monthly stipend to support your work and productivity
• Asociacion Solidarista with employee and employer contributions as well as potential alliances with entities such as universities, gyms, etc.
• 12 days paid Vacation + Flexible Time Away Program
• 20 weeks fully paid Maternity Leave
• 12 weeks fully paid Paternity/Adoption Leave
• Personal paid Volunteer Day to support our community
• Opportunities for professional growth and development including access to Udemy online courses
• Company Funded Perks including a counseling membership and your own personal Smartsheet account
• Teleworking options from any registered location in Costa Rica (role specific)