Enterprise Risk Strategy - Vendor Management Analyst III - P3
Job in Las Vegas, Clark County, Nevada, 89113, USA
Listed on 2026-06-02
Listing for: CreditOne
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, Information Security, IT Business Analyst, Data Security
Position Summary
As a Vendor Management Analyst II, you will contribute to the efforts of our Card member Administration Management (CMAM) department by assisting with the organization, administration, and facilitation of its third-party risk management assessment process and business continuity functions. This role will support the Vice President and Assistant Vice President with all phases of third-party risk assessments, documentation, and communication, as well as the build-out of the TPRM Governance, Risk, and Compliance (GRC) tool.
Summary of Essential Job Functions
- Support the end-to-end third-party implementation process to ensure vendors meet our control standards, including pre-contractual third-party reviews, ongoing monitoring controls, and risk assessments that identify the required controls and the potential risks to remediate, and document any remaining risks in the security risk register for post-implementation remediation
- Perform assessments of all aspects of the provider
- Monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions
- Develop a comprehensive understanding of the organization's third-party risk management framework and standards
- Ensure assessments within the company follow known industry frameworks (e.g., PCI-DSS, FFIEC, OCC, ISO, NIST)
- Collaborate with cross-functional teams, including legal, procurement, IT, and business units, to gather necessary information and ensure compliance with risk management processes
- Assist in developing and enhancing third-party due diligence policies, procedures, and frameworks to continually improve the effectiveness and efficiency of risk assessment processes
- Back up selected Vendor Manager functions
- Perform other duties as assigned
- Familiarity with risk assessment methodologies, frameworks, best practices, and the full breadth of cybersecurity domains, particularly as they pertain to third-party risk management
- Knowledge of relevant regulations, standards, and frameworks related to third-party risk management, such as the FFIEC Handbook, ISO 27001, NIST CSF, NIST SP 800-53, GDPR, PCI-DSS, and other industry-specific regulations
- Experience conducting risk assessments of third-party vendors, suppliers, or partners, including evaluating compliance with policies, procedures, and regulatory requirements
- Strong analytical skills to identify and assess potential risks associated with third-party relationships, such as data security, operational vulnerabilities, and regulatory compliance
- Ability to collaborate effectively with cross-functional teams, including legal, compliance, IT, and business units, to gather necessary information and ensure compliance with risk management processes
- Excellent written and verbal communication skills, with the ability to prepare clear and concise reports, summaries, and documentation related to risk assessments
- Detail-oriented mindset with the ability to analyze and interpret risk assessment findings and provide recommendations and remediation plans to mitigate identified risks
- Strong organizational skills to monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions
- Familiarity with risk management software or tools for tracking and managing third-party risks may be advantageous
- Proactive attitude with the ability to stay updated on emerging trends, regulatory changes, and industry standards related to third-party risk management
- Ability to work independently and as part of a team, focusing on delivering high-quality results within established deadlines
- Bachelor's degree in Cybersecurity, Business, Operations, Engineering, or equivalent years of work experience in a corporate environment
- Minimum of 3 years of experience in third-party risk management, vendor management, information security, IT auditing, or equivalent experience
- Experience writing technical documentation and reports
- Experience with Excel, including creating pivot tables and formulas
- Any of the following Certification(s): CTPRP, CISSP, CISA, CRISC, CISM
- Interagency Guidance on Third-Party Relationships in Risk…