Third Party Risk Analyst
| Company | Esri |
|---|---|
| Location | West Redlands, Redlands, CA, USA |
| Salary | $69680 – $114400 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Junior, Mid Level |
Requirements
- 2+ years of professional experience including general IT/Business responsibilities, customer/third party interactions, Third Party Risk Management (TPRM), IT Security, contracts/legal, or similar
- Proven experience providing exceptional customer service
- Demonstrated experience developing or being a part of customer facing programs and/or cross functional business programs
- Strong ability to coordinate with technology team members for follow-up of implemented controls and support the collection and validation of evidence as part of the risk remediation process
- Experience influencing without authority, dealing with ambiguity, and balancing competing goals and objectives
- Understand business/IT security and risk management controls to include experience with governance risk and compliance (GRC) tools or processes
- Clear communication, strong collaboration, and finely tuned writing/editing skills
- Bachelor’s in Information Systems, Computer Science, Business, or a related STEM degree
Responsibilities
- Collaborate with security subject matter experts (SMEs), legal teams, and global business development staff to enhance and maintain systems and processes for Esri’s customer trust program
- Manage incoming customer security requests (such as assessments, questionnaires, policy reviews, penetration tests, documentation, and contract term reviews), prioritize tasks, and recommend appropriate courses of action
- Provide general administrative support for audits, including filing, data entry, tracking, and correspondence, while adhering to established processes and standards
- Facilitate communication between business, technology, and information security teams to validate questionnaire responses and fulfill general requests related to controls defined by Esri’s standards and policies
- Advise Esri staff on security and privacy requirements, consulting with SMEs when necessary, and maintain a comprehensive security knowledge base
- Serve as a point of contact for client and compliance audit inquiries, ensuring timely and accurate responses
- Manage and maintain a standardized library of responses for customer questionnaires, ensuring accuracy and consistency
- Collaborate with internal experts to update and refine responses as needed
Preferred Qualifications
- Security + or equivalent security certification(s)
- Exposure to Esri technology, Esri project methodologies, and security topics
- Experience in supporting the completion of security or compliance reviews, Third Party or Customer Questionnaires and familiarity with Policy/Standard reviews
- Project management experience
- Demonstrated success with business relations in a service-oriented business environment
- Proficient with Salesforce, content management or Third-Party Questionnaires related software like (Loopio)
- Familiarity with third party risk management platforms, such as CyberGRX
- SANS or equivalent security certification(s)