A higher education institution is looking to hire a Third-Party Risk Analyst for their information security team. This person will be responsible for receiving and reviewing ticket requests daily. They will then be conducting risk assessments for their suppliers and third-party partners. They will be providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items. The person will be handling around 20 tickets at a given time. They will be using OneTrust as the GRC tool and project management tools for progress tracking. This person will ideally reside in PST and MUST be comfortable working 8:00-5:00 PST Monday-Friday.
2+ years of experience in third party risk management (TPRM)
Knowledge of NIST 800-53 & 800-171 cybersecurity frameworks
PCI-DSS compliance knowledge
Knowledge of Higher Education Community Vendor Assessment Tool (HECVAT)
Working knowledge of ServiceNow
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.