Senior Analyst, Third Party Risk Management

2 days ago

Apply Now

Receive Emails with Similar Jobs

Iron Mountain

WebsiteLinkedInAll Job Openings

Information Management • Document Management Solutions • Secure Shredding • Data Protection • Archiving

10,000+

Description

• The role exists in the Information Security Department and reports to the Manager of Third Party Risk Management. • The company’s Third Party Risk Management Program is responsible for providing Iron Mountain's Business Relationship Owners, Employees, and Senior Management with the tools and insight to successfully manage and understand the company’s Third Party Risk exposure. • Members of the Third Party Risk team are primarily responsible for the review and assessment of risk mitigating controls of the new and existing suppliers utilized across the firm, as well as for utilizing the tools and processes necessary to appropriately communicate concerns to the business stakeholders. • The position partners with various areas including Procurement, Supplier Relationship Management, Privacy & Compliance, Information Security, Disaster Recovery, Business Continuity and Third Party relationships globally. • Report directly to the Manager of Third Party Risk Management for all things concerning the Third Party Risk Program, maintenance and administration. • Liaise with internal Subject Matter Experts (SMEs) and assessors (reviewers) of external assessment and documentation. • Assess the control practices and posture of new and existing Third Parties for Iron Mountain (global). • Publish news, M&A briefing and track all alerts regarding Third Party relationships in regards to Iron Mountain Critical and High Risk Vendors (utilizing industry standard, real time monitoring tools). • Support the production of monthly metrics and executive dashboards. • Translate the results of assessment analysis and findings into business consumable format and deliver those results to business, procurement, legal and other teams to guide risk-based decisions. • Support the evolution and continuous improvement of Third Party Risk Assessment processes, including the development and maintenance of procedures, artifacts, and metrics to be used in the assessment of potential and existing third parties. • Analyze, design and implement business processes and requirements to ensure compliance with all applicable Iron Mountain policies and procedures. • Support internal and external program audits by providing program overviews and supporting evidence as requested.

Requirements

• Minimum Education: 4 Year College Degree • Minimum Experience: 3-5 years experience in: risk management, procurement, information security, and/or utilizing large data sets • Preferred Skills: • Ability to communicate risk management topics/ideas to varied business stakeholders • Foundational understanding of security and risk management controls and practices • Strong analytical, mathematical, problem solving mindset • Ability to analyze data, generate reports and executive dashboards • Familiarity with Shared Assessments SIG (Standard Information Gathering) toolkits • Knowledge of the Google Suite • Attention to detail • Ability to learn multiple applications and software