Job Description
Insight Global's client is looking for a Sr Third Party Risk Analyst to join their Third Party Risk Management team within the Compliance organization. We are looking to source a candidate in LATAM for this position but you can sit 100% remote.
In this role, you will:
- Lead third-party risk assessments with a focus on Information Security and GRC, evaluating inherent and residual risks to drive risk-informed decision-making.
- Perform in-depth due diligence on prospective and existing vendors, with an emphasis on cybersecurity controls, regulatory compliance (e.g., GDPR, SOC 2, ISO 27001), and data protection practices.
- Ensure integrity, consistency, and audit-readiness of third-party data within the GRC platform, supporting executive reporting and regulatory compliance.
-Collaborate with key stakeholders across Information Security, Privacy, Legal, Procurement, and Business Units to integrate third-party risk insights into broader enterprise risk initiatives.
- Provide expert guidance during third-party offboarding, ensuring risk is appropriately retired and that data retention, access, and continuity controls are validated.
- Support external audits, internal investigations, and regulatory inquiries by preparing accurate and timely responses related to TPRM practices and control effectiveness.
- Contribute to the enhancement of TPRM policies, playbooks, and metrics to continuously mature the program.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
- 5+ years of experience in third-party risk management, information security, IT audit, or GRC, preferably within Gaming, Technology, or Consulting
- Deep understanding of security risk assessment frameworks and best practices (e.g., NIST, ISO 27001, SIG, CSA, etc.).
- Proficiency in JIRA and GRC platforms such as OneTrust, ServiceNow, or similar tools, with the ability to lead data analysis and system improvements.
- Demonstrated ability to identify and assess security, privacy, and operational risks with a practical and solutions-oriented mindset.
- Excellent verbal and written communication skills,
- Understanding of IT Risk Management concepts
- Understanding of the S-SDLC and the Agile Project Methodology
Nice to Have Skills & Experience
- Experience with regulatory requirements related to vendor management and data security
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.