Job Description
Job Purpose (ideally 3-5 sentences)
This role is responsible for:
Supporting the execution of inherent and residual risk assessments (IRA/RRA) by gathering documentation, reviewing questionnaire responses, and identifying potential risk indicators.
Assisting senior analysts and SMEs across cybersecurity, privacy, ESG, legal, and operational domains to validate risk information and ensure accurate assessment outcomes.
Contributing to the maintenance of TPRM policies, process documentation, assessment templates, and operational workflows.
Coordinating with Procurement, Legal, Supplier Enablement, Sales, and business units to collect engagement details and ensure complete and timely data for assessments.
Supporting remediation tracking, reporting activities, and audit documentation by updating trackers, dashboards, and centralized repositories.

Essential Functions (ideally 5-10 with greatest % first)
% of Time (required)

60%: Risk Assessment Support & Due Diligence Operations
Assist in conducting inherent and residual risk assessments (IRA/RRA) by collecting, reviewing, and organizing documentation and questionnaire responses from third parties.
Perform preliminary analysis to identify missing information, inconsistencies, or potential risk indicators across cybersecurity, privacy, financial, operational, and ESG domains.
Coordinate with senior analysts and SMEs to validate responses, clarify third-party submissions, and support accurate risk scoring.
Maintain assessment trackers, update evidence repositories, and ensure timely follow-up with stakeholders for outstanding items.

30%: Process Administration, Documentation & Stakeholder Coordination
Support the upkeep of TPRM policies, templates, SOPs, and intake materials, ensuring consistent application across assessments.
Partner with Procurement, Legal, Sales, Supplier Enablement, and business units to gather engagement details and ensure assessments are initiated correctly.
Assist in preparing inputs for dashboards, reporting, audit requests, and regulatory documentation related to third-party oversight.
Help document control libraries, risk taxonomies, and assessment workflows under the guidance of senior analysts.
Support risk reporting, audit readiness, and periodic governance documentation.

10%: Additional Duties
Support onboarding activities for new TPRM team members, contribute to cross-functional initiatives, and perform other responsibilities as assigned to strengthen TPRM operations.

Knowledge and Skills (indicate required or preferred)
Basic understanding of third-party risk management concepts, due diligence processes, and risk assessment methodologies (Required)
Strong analytical skills with the ability to review questionnaires, identify discrepancies, and interpret risk-related information (Required)
Effective written and verbal communication skills to engage with internal teams and document assessment findings clearly (Required)
Ability to work collaboratively with Procurement, Legal, IT, and business units to gather information and resolve assessment gaps (Required)
Familiarity with tools such as Coupa, ServiceNow, Archer, or other TPRM/GRC or procurement platforms (Preferred)
Working knowledge of regulatory or control frameworks (ISO 27001, NIST, GDPR, SIG, etc.) or willingness to learn (Preferred)

Requirements (indicate required or preferred)
Experience:
Type:
Experience in risk management, due diligence, or related analytical roles (Required)
Experience performing risk assessments and scoring for third-party engagements (Required)
Exposure to Coupa Risk Assess, ServiceNow VRM, Archer, or similar TPRM/GRC tools (Required)
Experience with TPRM for a provider of staffing services (Preferred, but not Required)
Certifications Preferred: CTPRP, ISO/NIST foundational courses, or any risk/compliance-related certification (optional, not required)
Number of Years: 1-3 Yrs