Description
Role Profile
Third Party Risk Analyst
ROLE SUMMARY
Global Job Family: Finance
Typical Role Name: Third Party Risk Analyst
Typically reports to: Third Party Risk Manager
Typical Direct Reports: None Purpose
The purpose of the Third-Party Risk Analyst (TPRA) is to resolve the identified inherent and residual risks of using third parties, to drive compliance and ensure the UK&I business has a robust controls framework across the supplier and reseller environment.
Essential Duties & Responsibilities
1. Third Party Risk Assessments - partner with business units, providing support and guidance as required
2. Assist with evolution of ongoing monitoring frameworks and roll out across UK&I business
3. Manage resolution of information security control gaps identified by Global Security Office (GSO) with third parties, ensuring auditable evidence and approvals are secured in line with Risk Management practice
4. Support with audits of the business by third parties as required, and in building a library of standard responses
5. Ensure accuracy of Third Party inventory, contributing to integrity and effectiveness of MI
6. Upkeep of Third Party Risk Management documentation, including process maps and toolkits.
KNOWLEDGE, EXPERIENCE & QUALIFICATIONS
Required skills and experience:
* Ability to create/draft detailed process maps and succinct process documentation.
* Strong information security knowledge and experience of controls monitoring
* Detail orientated with good organisational and results focus
* Strong work ethic - able to work autonomously and deliver results
* Effective written and verbal communication skills
* Ability to comprehend and interpret policies and identify synergies across policies
* Ability to challenge and influence Senior Managers and stakeholders
Education/Qualifications
Degree or equivalent or extensive work experience within third party risk management and/or information security risk management of third parties.
Competencies
- Experience with SharePoint, Visio and Microsoft Office 365 and tools for collaborative working
- Understand different aspects of supplier risk (eg financial, control environments, change in legal control) and capacity to develop sound understanding of the business functions suppliers support.
* Experience in third party risk assessment tools (Archer) and risk assessment techniques
* Strong ability to build and develop stakeholder relationships (both internal and external)
* Strong audit and analytical skills