Jobs search

Third Party Risk Analyst

ECCO Select • Coppell, TX, US • $70k - $75k / year • 6d ago

Duration: 6+ Month Contract to Hire

Work Week: Hybrid – WFH on Monday and Friday

Location: Coppell, TX75019

Pay range: $70-$75K a year

Highlights:

Conducting risk control self-assessments (RCSA)
Capable of dealing with vendors and internal teams
Strong multitasker and able to prioritize tasks
Must know how to create a risk mitigation plan
Experience with MS word, excel and power point, SharePoint, GRC tools (Service Now)
Strong written and verbal communication skills – good people skills
Able to think outside the box and work independently
Need the ability to talk and interact with different teams and people like VP’s and Directors
Certifications are preferred but not required
Global experience is a nice to have
3+ years experience
Hybrid – onsite Tuesday, Wednesday and Thursday

What a day looks like:

Will go through vendor’s list and meet with them to find out what services they provide and then find out if this vendor’s services touch infrastructure, systems and/or data.
Then ensure he connects with the stakeholders to review the security scorecard for that vendor
Will then locate what vulnerabilities, patching, ETC, etc. then go over the scorecard with the vendor and internal team
Then validate risk of vendor and meet with the security team to see if they can tolerate these risks or not

Job Description:

Summary:

The Third-Party Risk Analyst is responsible for evaluating and managing risks associated with the Client’s third-party relationships. This role ensures that all external vendors and service providers align with the company's risk appetite, compliance standards, and operational requirements. The analyst will collaborate across teams to execute due diligence, monitor risk exposure, and implement mitigation strategies for a robust third-party risk management program.

Key Responsibilities:

Perform comprehensive risk assessments on third-party vendors and service providers, focusing on financial, operational, compliance, and cybersecurity risks.
Conduct detailed due diligence for vendor onboarding, including gathering and reviewing relevant documentation. Ensure that third parties comply with contractual obligations, regulatory requirements (e.g., GDPR, SOC, SOX), and policies.
Monitor and manage third-party adherence to security, privacy, and operational standards.
Identify potential risks in third-party relationships and recommend corrective actions or termination where appropriate.
Collaborate with internal stakeholders to implement risk mitigation strategies and track their effectiveness.
Support the development, implementation, and enhancement of third-party risk management (TPRM) framework.
Assist in creating and updating policies, procedures, and tools for vendor risk management.
Maintain accurate and detailed documentation of all third-party risk-related activities.
Prepare and present periodic reports on third-party risk exposure, trends, and compliance issues to senior management.
Partner with Legal, Procurement, IT, Compliance, and other internal teams to streamline third-party risk processes.
Act as a point of contact for resolving vendor-related risk queries.
Stay informed on evolving regulatory landscapes, industry trends, and best practices in third-party risk management.

Qualifications:

Required:

• Bachelor’s degree in Business, Risk Management, Finance, or related field.

• 2–4 years of experience in vendor risk management, compliance, or a similar role.

• Strong analytical skills with the ability to assess vendor risks and recommend actionable solutions.

• Excellent communication skills, both written and verbal, with the ability to convey complex issues clearly.

• Proficiency in vendor risk management tools and Microsoft Office Suite.

Preferred:

• Certifications such as Certified Third-Party Risk Professional (CTPRP) or Certified Risk Manager (CRM).

• Experience with vendor risk assessments in highly regulated industries (e.g., banking, logistics, or security).

• Knowledge of data privacy laws and cybersecurity risk frameworks.

Key Competencies:

• Attention to Detail: Ensures precision in assessments and reporting.

• Collaboration: Effectively works with cross-functional teams.

• Critical Thinking: Analyzes and addresses complex risk scenarios.

• Adaptability: Thrives in a fast-changing environment.

• Integrity: Maintains the highest ethical standards in interactions with third parties.

We would love to have you join our team! ECCO Select is committed to hiring and retaining a diverse workforce. ECCO Select’s policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category.

Equal Employment Opportunity is The Law

This Organization Participates in E-Verify