Chubb

Vendor Risk Analyst

Chubb, Chicago, Illinois, United States, 60290

We are seeking a detail-oriented and analytical Vendor Risk Management Analyst to join our team. The Vendor Risk Management Analyst will be responsible for assessing, monitoring, and mitigating risks associated with third-party vendors to ensure compliance with organizational policies, industry standards, and regulatory requirements. This role plays a critical part in safeguarding the organization’s operations, data, and reputation by identifying potential risks and implementing effective vendor risk management strategies.

Key Responsibilities

Conduct comprehensive risk assessments of third-party vendors, including evaluating their security practices, financial stability, and compliance with regulatory requirements.
Maintain a vendor risk management framework, including policies, procedures, and tools to assess and monitor vendor risks.
Complete onsite or remote audits of vendors to ensure that controls work as expected and procedures are followed correctly.
Monitor vendor performance risk levels, security posture, and compliance on an ongoing basis to ensure continued alignment with organizational standards and risk levels, and identify and address any changes in risk profiles or compliance issues.
Collaborate with internal stakeholders, such as procurement, legal, IT, and compliance teams, to ensure vendor contracts include appropriate risk mitigation measures.
Prepare detailed reports and presentations on vendor risk assessments, findings, and recommendations for senior management and other stakeholders.
Stay up to date with industry trends, regulatory changes, and best practices in vendor risk management to continuously improve the organization’s risk management processes.
Support the development and delivery of training programs to educate internal teams on vendor risk management policies and procedures.

Key Competencies

Strong analytical and problem-solving skills with the ability to assess complex vendor risk scenarios.
Excellent communication and interpersonal skills to collaborate effectively with internal and external stakeholders.
Knowledge of regulatory requirements and industry standards related to vendor risk management (e.g., GDPR, ISO 27001, SOC 2).
Proficiency in using vendor risk management tools and software.
Strong organizational skills and attention to detail to manage multiple vendor assessments simultaneously.
Ability to work independently and make informed decisions in a fast-paced environment.
High ethical standards and a commitment to maintaining confidentiality and integrity.

Accreditations

Bachelor’s degree in Business Administration, Risk Management, Information Security, or a related field.
0-4 years of experience in vendor risk management, third-party risk assessment, or a related role.
Relevant certifications such as Certified Third Party Risk Professional (CTPRP), Certified Information Systems Auditor (CISA), or Certified Risk and Information Systems Control (CRISC) are preferred.
Experience with risk management frameworks and tools is a plus.