The Third-Party Risk Analyst will work closely with the Information Security team, business units, and partner organizations to conduct comprehensive risk assessments, compliance checks, and control gaps analyses specifically related to third-party vendors and partners. This role is crucial in ensuring that our vendor relationships adhere to information security policies and risk management standards.
Essential Functions : Reasonable accommodation may be made to enable individuals with disabilities to perform essential duties.
Conduct comprehensive risk assessments of third-party vendors, including evaluating their security practices, compliance with regulatory requirements, and overall risk profile.
Develop and implement third-party risk management policies and procedures to ensure effective oversight of vendor risks.
Monitor and track third-party compliance with contractual obligations, regulatory requirements, and internal policies.
Collaborate with cross-functional teams, including Legal, Compliance, IT, and Procurement, to identify and address potential risks.
Maintain and update the third-party risk register, documenting and managing all identified risks appropriately.
Perform ongoing due diligence and periodic reviews of third-party vendors to ensure continuous compliance and risk mitigation.
Assist in the development and execution of third-party risk management training programs for internal stakeholders.
Prepare and present reports on third-party risk management activities to senior management and other key stakeholders.
Stay updated on industry trends, regulatory changes, and best practices related to third-party risk management.
Supervisory Responsibilities: This position has no formal supervisory responsibilities.
Minimum Required Qualifications :
Bachelor's degree in Computer Science, Information Systems, Information Security & Assurance, Information Technology, Audit.
Experience in third-party risk management, vendor management, or a related area.
Certificates and Licenses: None required.
OTHER REQUIRED QUALIFICATIONS:
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills.
Proficiency in using risk management tools and software.
Knowledge of regulatory requirements and industry standards related to third-party risk management.
Ability to work independently and as part of a team.
Detail-oriented with strong organizational skills.
Ability to maintain the confidentiality of sensitive information.
Microsoft Office (Outlook, Word, Excel, PowerPoint, Project, Visio, etc.); Web proficiency.
Ability to clear required background checks.
Desired Qualifications :
CTPRP, CTPRA, CISA, CRISC, or other relevant information security certifications.
Prior experience delivering training and education to a remote workforce.
Prior experience in the Education industry is a plus.
Knowledge and understanding of information technology and networking concepts.
WOrk Environment : The work environment characteristics described here represent those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform essential functions.
This is an office- or home-based position. The noise level in the office is usually moderate (computers, printers, light foot traffic).
Compensation & Benefits: Stride, Inc. considers a person's education, experience, and qualifications, as well as the position's work location, expected quality and quantity of work, required travel (if any), external market and internal value when determining a new employee's salary level. Salaries will differ based on these factors, the position's level and expected contribution, and the employee's benefits elections. Offers will typically be in the bottom half of the range.
We anticipate the salary range to be $53,944.50- $158,919.60. The upper end of this range is not likely to be offered, as an individual's compensation can vary based on several factors. These factors include, but are not limited to, geographic location, experience, training, education, and local market conditions. Eligible employees may receive a bonus. Stride offers a robust benefits package for eligible employees that can include health benefits, retirement contributions, and paid time off.
The above job is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions and perform any related duties as assigned by their supervisor. All employment is "at-will" governed by the state law where the employee works. It is further understood that the "at-will" nature of employment is one aspect that cannot be changed except in writing and signed by an authorized officer.
Job Type
Regular
The above job is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor. All employment is "at-will" as governed by the law of the state where the employee works. It is further understood that the "at-will" nature of employment is one aspect of employment that cannot be changed except in writing and signed by an authorized officer.
Stride, Inc. is a Federal Contractor, an Equal Opportunity/Affirmative Action Employer and a Drug-Free Workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected Veteran status age, or genetics, or any other characteristic protected by law.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
