Job Description
A 3rd party risk auditor is responsible for evaluating and managing risks posed by external vendors, suppliers, or partners to ensure compliance and security standards are met. Conduct audits of external vendors to verify adherence to contractual, regulatory, and security requirements. Identify, assess, and mitigate risks associated with third-party relationships, including operational, financial, and cybersecurity risks. Perform risk assessments without supervision, ensuring objectivity and accuracy. Apply frameworks and tools to evaluate vendor risk (e.g., questionnaires, scoring models, compliance checklists).
- Review vendor security controls and compliance documentation.
- Assess data protection measures and regulatory compliance (GDPR, SOC 2, etc.).
- Report findings and recommend corrective actions.
- Monitor ongoing vendor risk through periodic reviews.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
- Experience conducting 3rd party risk assessments
- Experience performing information security assessments
- Working with stakeholders
- Experience with risk assessment tools (Archer, ServiceNow, etc.)
- Strong communication skills
Nice to Have Skills & Experience
- Certifications: CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional).
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.