Atlas - Strategic consulting
Analyst, TP Risk Management
Role Overview
The TP Risk Management - Analyst is responsible for performing comprehensive cybersecurity risk assessments of third-party vendors and partners. You will work closely with cybersecurity, risk management, and business stakeholders to evaluate vendor risks, develop remediation strategies, and drive consistency across assessments using ServiceNow GRC.
Key Responsibilities
Perform cybersecurity Third-Party Risk Assessments (TPRAs) within ServiceNow GRC, ensuring accuracy and completeness.
Communicate assessment findings and recommendations to Information Security and Risk Management teams.
Collaborate with stakeholders to design and implement remediation strategies for identified vendor risks.
Provide consultative guidance to cybersecurity and business teams on third-party risk understanding and mitigation.
Identify and implement process improvements to enhance efficiency and consistency in TPRA operations.
Maintain detailed documentation of all assessments, decisions, and outcomes within ServiceNow.
Services and Deliverables Service / Deliverable Frequency Due Date Acceptance Criteria Conduct cybersecurity risk assessments in ServiceNow GRC for third-party vendors, focusing on their cybersecurity capabilities and data protection practices. Weekly 12/31/2025 Each assessment meets the mutually agreed criteria defined during the Assessment Definition Phase. Identify and evaluate potential cyber risks associated with third-party vendors, assessing their impact on data security and confidentiality. Weekly 12/31/2025 Maintain complete and accurate records of consultations, outcomes, and recommendations in ServiceNow. Provide third-party cybersecurity consulting to business units, ensuring awareness of key risks and best practices. Weekly 12/31/2025 Deliverables meet predefined quality standards; maintain consultation records and recommendations in ServiceNow.
Qualifications
Bachelor's degree in Information Security, Risk Management, or a related field (or equivalent experience).
3+ years of experience conducting cybersecurity or third-party risk assessments.
Hands‑on experience with ServiceNow GRC or similar governance, risk, and compliance platforms.
Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, SOC 2, HIPAA).
Excellent communication and collaboration skills with cross‑functional teams.
Analytical mindset with attention to detail and continuous improvement focus.
Success Factors
Ability to synthesize complex vendor information into actionable insights.
Demonstrated consistency in delivering high-quality, on-time assessments.
Effective stakeholder engagement and clear communication of risk posture.
Commitment to continuous improvement and process excellence.
Join Our Team at Atlas Atlas is a global strategic consulting firm, focused on the Life Sciences industry. Our services include Management Consulting, Managed Services and Agile Services. Global pharmaceutical companies and emerging players in life sciences depend on Atlas consultants to ensure they have the capabilities that will give them the ability to succeed. We are seeking Atlas IMPACT Makers who are ready to lead and innovate in dynamic environments. IMPACT Makers embody the principles of Atlas, driving transformative change and delivering outstanding results.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, genetics, disability, age, or veteran status. We value diversity and inclusion in our workplace and are committed to creating an environment where everyone has an equal opportunity to succeed.
#J-18808-Ljbffr
Key Responsibilities
Perform cybersecurity Third-Party Risk Assessments (TPRAs) within ServiceNow GRC, ensuring accuracy and completeness.
Communicate assessment findings and recommendations to Information Security and Risk Management teams.
Collaborate with stakeholders to design and implement remediation strategies for identified vendor risks.
Provide consultative guidance to cybersecurity and business teams on third-party risk understanding and mitigation.
Identify and implement process improvements to enhance efficiency and consistency in TPRA operations.
Maintain detailed documentation of all assessments, decisions, and outcomes within ServiceNow.
Services and Deliverables Service / Deliverable Frequency Due Date Acceptance Criteria Conduct cybersecurity risk assessments in ServiceNow GRC for third-party vendors, focusing on their cybersecurity capabilities and data protection practices. Weekly 12/31/2025 Each assessment meets the mutually agreed criteria defined during the Assessment Definition Phase. Identify and evaluate potential cyber risks associated with third-party vendors, assessing their impact on data security and confidentiality. Weekly 12/31/2025 Maintain complete and accurate records of consultations, outcomes, and recommendations in ServiceNow. Provide third-party cybersecurity consulting to business units, ensuring awareness of key risks and best practices. Weekly 12/31/2025 Deliverables meet predefined quality standards; maintain consultation records and recommendations in ServiceNow.
Qualifications
Bachelor's degree in Information Security, Risk Management, or a related field (or equivalent experience).
3+ years of experience conducting cybersecurity or third-party risk assessments.
Hands‑on experience with ServiceNow GRC or similar governance, risk, and compliance platforms.
Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, SOC 2, HIPAA).
Excellent communication and collaboration skills with cross‑functional teams.
Analytical mindset with attention to detail and continuous improvement focus.
Success Factors
Ability to synthesize complex vendor information into actionable insights.
Demonstrated consistency in delivering high-quality, on-time assessments.
Effective stakeholder engagement and clear communication of risk posture.
Commitment to continuous improvement and process excellence.
Join Our Team at Atlas Atlas is a global strategic consulting firm, focused on the Life Sciences industry. Our services include Management Consulting, Managed Services and Agile Services. Global pharmaceutical companies and emerging players in life sciences depend on Atlas consultants to ensure they have the capabilities that will give them the ability to succeed. We are seeking Atlas IMPACT Makers who are ready to lead and innovate in dynamic environments. IMPACT Makers embody the principles of Atlas, driving transformative change and delivering outstanding results.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, genetics, disability, age, or veteran status. We value diversity and inclusion in our workplace and are committed to creating an environment where everyone has an equal opportunity to succeed.
#J-18808-Ljbffr