Be an early applicantLess than 25 applicants

Company

iHeartMedia · 6 hours ago

Senior Analyst - Third-Party Risk Management

North Carolina, United States

Full-time

Remote

Mid, Senior Level

$72K/yr - $90K/yr

Maximize your interview chances

AdvertisingAdvertising Platforms

Actively Hiring

Insider Connection @iHeartMedia

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Oversee Third Party Risk Management (TPRM): Lead the TPRM program by conducting thorough assessments of third-party vendors and service providers, ensuring they meet the organization’s security and compliance standards, and tracking their risk posture over time.

Collaboration with Internal Teams: Partner with internal teams such as IT, Legal, Procurement, Privacy and Information Security to ensure risks are identified, reported, and mitigated, and that third-party relationships are aligned with corporate governance policies

Vendor Risk Management: Perform in-depth reviews of third-party vendor contracts, service level agreements (SLAs), and compliance documentation to ensure risk mitigation strategies are in place, including proper data protection, disaster recovery, and security control measures.

Policy and Governance Development: Lead the creation and refinement of policies, procedures, and standards for TPRM and enterprise risk management to ensure they are up to date with industry best practices and regulatory requirements (e.g., SOX, HIPAA, GDPR, CCPA).

Lead Third-party risk assessments and monitoring.

TPRM Risk monitoring and status tracking.

Collaboration on risk mitigation strategies.

Regular reporting and risk analytics.

Risk assessments for new and/or existing 3rd parties vendors projects and initiatives.

Lead any inbound assessments

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Third-Party Risk ManagementRisk assessmentsCybersecurity policiesSecurity governance modelsVendor managementRisk management frameworksCompliance requirementsAccess control managementAuditing skillsTechnical writingCollaboration skills

Required

Lead Third-party risk assessments and monitoring.

TPRM Risk monitoring and status tracking.

Collaboration on risk mitigation strategies.

Regular reporting and risk analytics.

Risk assessments for new and/or existing 3rd parties vendors projects and initiatives.

Lead any inbound assessments.

Acts responsibly with sensitive and confidential information.

Is creative and resourceful as a problem solver.

Consistently demonstrates the drive to deliver successfully even under difficult timelines.

Has strong analytical, methodical, investigative and auditing skills.

Knows when to make practical rational decisions that reduce risk to iHM information and Information systems.

Good written and verbal communications skills.

Good technical writing skills.

A critical logical thinker who is efficient and methodical.

Background in a security governance model such as NIST, ISO, and PCI.

Experience in developing cybersecurity policies and procedures.

Familiarity with risk management frameworks.

Familiarity with Asset Management.

Able to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.

Familiarity with access control management and strategies.

Able to manage vulnerability remediation through use of mitigation strategies.

Familiarity with security control assessments and procedures.

Ability to perform audits of systems, software, and security controls.

Familiarity with administering a corporate security awareness training program.

Experience with vetting vendors and vendor management.

Familiarity with legal and regulatory compliance requirements.

Respect for others and a strong belief that others should do this in return.

Full proficiency and understanding of job function.

Ability to work independently with minimal guidance.

In-depth knowledge of key business drivers and how this impacts your team.

Experience in team and project management for mid-sized projects.

Ability to recognize and mitigate risk.

Confidence to solve complex problems using multiple sources of information.

Growth mindset and desire for continued knowledge sharing and learning.

Understanding of impact of your own decisions.

Ability to identify new opportunities for continued improvement across business.

Comfort acting as a trusted advisor for colleagues with less experience.

Ability to manage complex and confidential information and to influence others to build consensus across all levels.

Benefits

Employer sponsored medical, dental and vision with a variety of coverage options

Company provided and supplemental life insurance

Paid vacation and sick time

Paid company holidays, including a floating holiday that enable our employees to celebrate the holiday of their choosing

A Spirit day to encourage and allow our employees to more easily volunteer in their community

A 401K plan

Employee Assistance Program (EAP) at no cost – services include telephonic counseling sessions, consultation on legal and financial matters, emotional well-being, family and caregiving

A range of additional voluntary programs, such as spending accounts, student loan refinancing, accident insurance and more!