Alacrinet · 9 hours ago
Risk Consultant
United States
Contract
Remote
Mid LevelAlacrinet is seeking a Risk Consultant to support Third-Party Risk Management Strategy Planning for the Americas. The role involves conducting gap analyses, assessing risks related to third-party vendors, and maintaining a registry of vendors while ensuring compliance with risk management standards.
ConsultingInformation TechnologySecurity
Responsibilities
Conduct gap analyses and assessment of the third-party risk management programs
Assess and mitigate risks related to the processing, transmission, and storage of data by third-party vendors
Maintain a registry of third-party vendors and external processes that impact the organization
Assist in developing a strategic roadmap to evolve the third-party risk management programs and fulfill internal and external compliance audits or assessments
This candidate should have familiarity with North and South American risk management standards and regulatory requirements
Self-starter, able to work with little supervision
Good verbal and written communication skills are required as this position entails extensive interaction with business teams
Assist with developing a strategic roadmap to evolve the third-party risk management programs
Enforce policies and procedures related to vendor data and security
Provide regular program status reports and metrics to management
Assist in fulfilling internal and external program audits or assessments
Develop and drive third-party risk management training and awareness campaigns
Participate in new business initiatives to champion risk-by-design principles and identify and escalate vendor-related considerations
Ensure that vendors are complying with security and risk requirements and address performance concerns
Collaborate with and assist business units to develop corrective action plans for identified vendor compliance issues
Continuously monitor the status and effectiveness of third-party risk controls
Ensure third-party key risk indicators (KRIs) are effectively monitored to prevent an unacceptable impact on business objectives and reputation
Update and re-evaluate the extent to which information is shared externally with service providers
Qualification
Required
Conduct gap analyses and assessment of the third-party risk management programs
Assess and mitigate risks related to the processing, transmission, and storage of data by third-party vendors
Maintain a registry of third-party vendors and external processes that impact the organization
Assist in developing a strategic roadmap to evolve the third-party risk management programs and fulfill internal and external compliance audits or assessments
This candidate should have familiarity with North and South American risk management standards and regulatory requirements
Self-starter, able to work with little supervision
Good verbal and written communication skills are required as this position entails extensive interaction with business teams
Enforce policies and procedures related to vendor data and security
Provide regular program status reports and metrics to management
Assist in fulfilling internal and external program audits or assessments
Develop and drive third-party risk management training and awareness campaigns
Participate in new business initiatives to champion risk-by-design principles and identify and escalate vendor-related considerations
Ensure that vendors are complying with security and risk requirements and address performance concerns
Collaborate with and assist business units to develop corrective action plans for identified vendor compliance issues
Continuously monitor the status and effectiveness of third-party risk controls
Ensure third-party key risk indicators (KRIs) are effectively monitored to prevent an unacceptable impact on business objectives and reputation
Update and re-evaluate the extent to which information is shared externally with service providers
Proficiency with OneTrust, Navex or similar vendor management tool
Proficiency with GRC platforms or similar risk assessment tools
Excellent communication (verbal and written), facilitation, and interpersonal skills, including the ability to influence across all levels of an organization
Inquisitive, adaptive, and agile learner
A hands-on risk practitioner with the ability to shift between operational and strategic mindsets
Highly motivated self-starter with the ability to work collaboratively and independently
Demonstrated ability to navigate unstructured processes and to simultaneously manage responsibilities of multiple/concurrent work streams
Demonstrated competency in thinking strategically, analytically, and innovatively, including the ability to synthesize and analyze vendor data
Ability to flourish in a challenging, fast-paced environment and exhibit excellent multi-tasking skills
Demonstrated ability to build relationships and form effective alliances across functions to ensure optimal vendor delivery
Must have a reliable internet connection and be able to work Pacific time zone hours
Preferred
Bachelor's Degree in Business, Risk Management, or Computer Science related fields
Experience in third-party risk program development and management
Third-Party Risk Management certifications such as: Shared Assessments: CTPRP, CTPRA; Third Party Risk Institute: C3PRMP
Ability to obtain buy-in from key business and technology stakeholders for key risk initiatives
Strong program and/or project management skillset with proven experience managing concurrent initiatives
Prior consulting experience in third-party risk and vendor compliance
Must have a reliable internet connection
Must be able to work Pacific time zone hours
Company
Alacrinet
Alacrinet is an IT consulting firm provides security solutions.
Founded in 2002
11-50 employees
Funding
Current Stage
Early StageCompany data provided by crunchbase