Vendor Risk Management Analyst

📋 Description

• Manage intake requests for vendor partnerships and start VRM assessments.
• Monitor progress of ongoing assessments; coordinate with leaders and reviewers.
• Maintain accurate vendor records through the engagement lifecycle, including renewals and offboarding.
• Serve as first point of contact for VRM; explain requirements clearly.
• Assist business owners with intake/assessment workflow; raise issues when needed.
• Inform SMEs in Information Security, Privacy, and Legal about new vendor engagements for assessment.

🎯 Requirements

• 3+ years in vendor risk, third-party risk, compliance operations, or similar.
• Familiar with VRM/GRC concepts and frameworks such as SIG, CAIQ, NIST, SOC 2.
• Strong organizational skills; able to manage high volumes.
• Clear, professional communication with founders, vendors, and cross-functional teams.
• Proficiency with Microsoft 365; experience with GRC/VRM platforms (OneTrust, ServiceNow) a plus.
• Comfortable working in a distributed environment across time zones.

🎁 Benefits

• Paid time off and retirement savings options (e.g., 401k).
• Bonus eligibility; equity grants and employee stock purchase plan.
• Competitive health benefits.
• Parental leave and family-friendly benefits.