Jobs · Sales

Senior Vendor Risk Analyst - Remote

Optum · Draper, UT · 6 days ago
Sales$73k–$130k/yrFull-time

About the role

The Senior Vendor Risk Analyst is responsible for assessing third-party risk exposure and supporting the organization's vendor risk management program. This role evaluates vendors across multiple risk domains, coordinates cross-functional assessments, and ensures higher-risk findings are appropriately escalated. The position also supports broader enterprise risk management efforts by aligning third-party reviews with organizational risk standards and preparing clear, well-supported risk documentation.

Responsibilities

  • Review vendor information to assess risk exposure and assign appropriate risk ratings in accordance with established assessment criteria
  • Analyze and report on vendor risk across multiple dimensions, including information security, financial, geographic, operational, regulatory, and technology risk
  • Collapse
  • Coordinate vendor risk assessments by partnering with subject matter experts and vendor managers to ensure thorough, accurate, and timely completion
  • Escalate higher-risk findings when additional due diligence, mitigation planning, or supplemental assessments are required
  • Collapse
  • Collaborate with internal stakeholders to gather supporting documentation, clarify risk factors, and facilitate timely assessment outcomes
  • Support enterprise risk management objectives by aligning third-party risk reviews with broader organizational risk standards and frameworks
  • Collapse
  • Prepare Vendor Risk Papers that provide detailed analysis of financial, operational, regulatory, and technology-related risks

Qualifications

  • 5+ years of experience assessing vendor or third-party risk
  • Solid understanding of vendor risk management principles, including second-line frameworks related to third-party risk oversight
  • Familiarity with industry compliance standards and frameworks, including ISO 27001, SIG, and SOC 2
  • Proven solid ability to read and analyze financial statements as part of risk evaluation and due diligence

Preferred Qualifications

  • Bachelor's degree or 5+ years of experience in third-party or vendor risk management within the banking industry
  • 2+ years of experience with eGRC Archer
  • Experience contributing to the development of materials and reports for senior and executive management, including Board and management-level committees
  • Experience working collaboratively with internal stakeholders, subject matter experts, and vendor managers
  • Knowledge of control and risk identification, with the ability to assess the strength of controls across multiple risk factors in complex environments and systems
  • Thorough understanding of risk management policies, best practices, and relevant certifications
  • Proven relationship management skills, including the ability to engage effectively with stakeholders, customers, and vendors, and to build strong professional networks
  • Proven ability to assess and evaluate AI-related risks and controls within third-party relationships, including awareness of AI tools, automated decision-making, and emerging AI regulatory requirements
  • Proven ability to synthesize complex risk information into clear, concise, and actionable documentation
  • Proven organizational skills, including the ability to successfully manage multiple concurrent priorities

Benefits

Our mission of helping people live healthier lives extends to our team members. Learn more about our range of benefits designed to help you live well.

Similar jobs