×
Register Here to Apply for Jobs or Post Jobs. X

Third Party Risk Management Analyst

Job in Scottsdale, Maricopa County, Arizona, 85261, USA
Listing for: Choice Hotels International, Inc.
Full Time position
Listed on 2026-07-06
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 70000 - 90000 USD Yearly USD 70000.00 90000.00 YEAR
Job Description & How to Apply Below
Position: Third Party Risk Management Analyst 2
## Third Party Risk Management Analyst 2

Apply locations:
Scottsdale AZ - Technology & Digital Commerce Center time type:
Full time posted on:
Posted Yesterday job requisition :
R21635
** This role is not eligible for sponsorship AND is four days onsite hybrid at our N. Scottsdale office   **##

Job Summary The Third Party Risk Management (TPRM) Analyst II supports the execution and continuous improvement of Choice’s Third Party Risk Management program. This role performs vendor risk assessments, evaluates control effectiveness, reviews supporting evidence, monitors remediation activities, and helps ensure third‐party partners meet Choice’s security, privacy, and compliance requirements.

The Analyst II operates with moderate autonomy, applying strong analytical, communication, and collaboration skills to solve problems, influence outcomes, and execute consistently in alignment with Choice’s expectations for adaptability and operational excellence.## Organization & Role Context This is an individual contributor role within the Information Technology Risk Management organization. The position reports to the Senior Manager, GRC and partners closely with Technology, Internal Audit, Legal, Procurement, Privacy, and business unit stakeholders to support third‐party risk oversight across the enterprise.##

Primary Duties & Accountabilities### Third‐Party Risk Assessments
* Conduct inherent and residual risk assessments for new and existing third‐party vendors.
* Perform security, privacy, and compliance assessments using standardized questionnaires and industry frameworks (e.g., SOC 2, SIG, ISO 27001, NIST).
* Review and analyze vendor‐provided documentation and evidence for adequacy, completeness, and control effectiveness.
* Document assessment results, identify risk gaps, and recommend remediation actions aligned with defined standards.
* Ensure assessments are completed in accordance with internal procedures and execution expectations.### Vendor Monitoring & Issue Management
* Track vendor remediation plans and validate closure of corrective actions.
* Monitor high‐risk vendors for changes in risk posture, control effectiveness, or material issues.
* Maintain centralized records, reporting, and dashboards to support ongoing oversight.
* Support periodic vendor reviews and recurring reassessment cycles.### Process Documentation & Governance Support
* Contribute to updates of TPRM procedures, workflows, and program documentation.
* Support internal and external audits by gathering evidence and documenting processes.
* Ensure program activities align with Choice’s governance standards and risk expectations.### Cross‐Functional Collaboration & Communication
* Partner with Legal, Procurement, Technology, Privacy, and business units to determine appropriate risk requirements for vendor engagements.
* Communicate assessment results, risk issues, and required next steps clearly to stakeholders.
* Provide guidance to internal partners on vendor intake forms and required risk documentation.
* Participate in vendor onboarding and review meetings as needed.### Continuous Improvement & Professional Development
* Stay current on third‐party risk trends, regulatory requirements, and industry best practices.
* Identify incremental improvements to assessment workflows and vendor experience.
* Pursue relevant TPRM, information security, or GRC training and certifications to support professional growth.## Qualifications### Education
* Bachelor’s degree in Information Security, Information Technology, Business, Risk Management, or a related field
** or an equivalent combination of education and relevant work experience**.### Experience
* 2–4 years of experience in third‐party/vendor risk management, IT risk, cybersecurity, compliance, or GRC.
* Experience reviewing SOC reports, security questionnaires, and vendor compliance evidence preferred.
* Familiarity with frameworks such as SOC 2, ISO 27001, NIST, PCI, and SIG beneficial.### Skills & Competencies
* Strong analytical skills with the ability to interpret technical security documentation and identify risk gaps.
* Solid problem‐solving and decision‐making capabilities.
* Effective written and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary