JOBSEARCHER

Third Party Risk Assessment Analyst/Lead

Our client is currently seeking a Third Party Risk Assessment Analyst/Lead.

Job Responsibilities:
- Lead IT Technology Risk Management activities with a focus on third-party and vendor risk.
- Optimize and enhance Third-Party Risk Management (TPRM) processes to align with organizational standards and regulatory expectations.
- Review vendor intake forms and use cases to validate criticality, tiering, and required assessment levels.
- Perform inherent risk assessments and categorization for all newly onboarded third-party vendors.
- Conduct end-to-end security assessments for third-party/service providers.
- Review SIG questionnaires and supporting evidence to evaluate vendor security posture and identify potential risks.
- Collaborate with vendor relationship managers to drive timely remediation of issues, including handling non-responsive vendors.
- Perform due diligence on vendor cybersecurity controls aligned with internal and external audit requirements.
- Engage in iterative discussions with Business Units, IT, and vendor teams to close open items and clarify assessment findings.
- Conduct security control reviews against cybersecurity best-practice frameworks (e.g., data classification, encryption, IAM, logging, financial viability).
- Contribute to senior management reporting, dashboards, and governance forums with clear risk transparency.
- Ensure monthly closure targets are met while managing caseload within agreed SLA thresholds.
- Continuously improve assessment quality, efficiency, and SLA adherence.

Cybersecurity certifications (e.g., ISO 27001, CISA, CISM, CISSP, CRISC) are considered an advantage.

Must Have / Required:
- Strong experience in IT Technology Risk Management and Third-Party/Vendor Risk Assessments.
- Hands-on expertise reviewing SIG questionnaires, vendor evidence, and cybersecurity controls.
- Solid understanding of risk frameworks and InfoSec domains (encryption, IAM, key management, logging, data protection, etc.).
- Excellent communication skills for cross-functional discussions with BU, IT, and vendor stakeholders.
- Experience handling audit, InfoSec due diligence, and risk documentation.
- Ability to manage high-volume caseloads while maintaining SLA commitments.
- Strong analytical, documentation, and reporting skills.
