Person, Clothing, Face, Female, Sleeve, Woman, People, Long Sleeve, Portrait, Smile

Risk Analyst, Third Party Risk Management

 

Risk Analyst, Third Party Risk Management

  • JR-120148
  • Redwood City
  • Information Technology
  • Full time
Risk Analyst, Third Party Risk Management

Equinix is one of the fastest growing data center companies, growing connectivity between clients worldwide. That’s why we're always looking for creative and forward-thinking people who can help us achieve our goal of global interconnection. With 200 data centers in over 24 countries spanning across 5 continents, we are home to the Cloud, supporting over 1000 Cloud and IT services companies that are directly engaged in technological innovation and development. We are passionate about further evolving the specific areas of software development, software and network architecture, network operations and complex cloud and application solutions.

At Equinix, we make the internet work faster, better, and more reliably. We hire hardworking people who flourish solving hard problems and give them opportunities to hone new skills, try new approaches, and grow in new directions. Our culture is at the heart of our success and it’s our authentic, humble, gritty people who create The Magic of Equinix. We share a real passion for winning and put the customer at the center of everything we do.

Job Summary:   We are continuing to build our Third-Party Security Risk Management Team to implement and mature the onboarding and continuous monitoring processes in place to provide a clear and updated view of the risk landscape presented by our outsourced supplier population. The Third-Party Risk Analyst will report to the Information Risk Program Manager and provide value with a critical thinking mindset and the ability to incorporate automated risk assessment workflows to measure and manage loss exposure within the Information Security Organization’s supplier portfolio. This individual will also support the execution of assessment and audit requests from our own customers to satisfy their due diligence efforts.  

Responsibilities

  • Lead the implementation and maturation of the third-party security risk management processes supporting new supplier onboarding and continuous monitoring.  

  • Satisfy the security assessment and audit requests from our own customers to support their own due diligence efforts.  

  • Support the Procurement Organization’s supplier onboarding process by performing pre- and post-contract due diligence including inherent risk triage, administration of appropriate security assessments, and issue management and remediation.  

  • Manage a growing portfolio of suppliers requiring continuous monitoring efforts to maintain risk landscape visibility of the organization’s supply chain.  

  • Help develop and enforce the policies governing supplier security risk assessment.  

  • Attend meetings with internal stakeholders as needed to discuss and normalize more formalized third-party risk management processes.  

  • Perform evaluations of vendor security practices including the review of assessment questionnaires and attestations that substantiate vendor responses.  

  • Utilize vendor security intelligence data from providers such as RiskRecon and Bitsight to drive objectivity into vendor security assessment and help quantify third-party risk.  

  • Create related issues associated with assessment artifact reviews and track these issues to remediation with the internal business and third-party points of contact.  

  • Use inherent risk and security assessment review ratings to determine residual risk and define the periodicity of ongoing vendor security assessment.  

  • Use security-related issues as input to the identification of loss event scenarios required to be tracked within the organization’s risk register.  

  • Participate in periodic contract reviews to assure appropriate clauses exist supporting the organization’s right to audit the security practices of its third parties.

  • Continuously drive the maturation of the third-party and supply chain risk programs supporting the Information Security Organization’s strategic objectives. 

Qualifications

  • 3+ years formally executing TPRM workflows.

  • Bachelor's preferred.

  • At least one industry recognized security and/or third-party risk management certification (CISSP, CRISC, CISA, CISM, OpenFAIR, CTPRP, C3PRMP). 

  • Practical experience implementing and managing formalized third-party risk management workflows at scale.  

  • Experience using industry recognized Vendor Risk Management platforms to support end to end third-party risk management workflows. 

  • Experience using security intelligence data to identify and measure third-party risk (RiskRecon, Recorded Future, Bitsight, Security Scorecard, etc.) 

  • Experience assessing risk with limited data and making recommendations to better inform resource prioritization decision making.  

  • Strong critical thinking and problem-solving skills. 

  • Strong communication, customer service and interpersonal skills. 

  • Ability to manage multiple competing tasks and prioritize effectively. 

  • Ability to work both independently and as part of a cross-functional team. 

  • Experience using FAIR and RiskLens to quantify information risk as financial loss exposure faced by the organization preferred.

We offer Medical, TeleMedicine, Dental, Vision, Life and AD&D insurance, 401K, Leave of absence & disability benefits, paid time off & holidays and more.

In accordance with Colorado State Law (https://leg.colorado.gov/bills/sb19-085) the salary range for Colorado for this role is $85K- $115K per year with 15% bonus target.

Equinix is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disability.

Apply Now

Sign in with LinkedIn
Autofill my information with LinkedIn
Alert me about jobs like this

Not You?

You're now being redirected to the application website

Know someone who would be great for this job? Let them know here!

Fill in your details 

Not You?

Thank you

People Also Viewed

Platform Partner Program Director

Regular JR-122032 Redwood City. Seattle California. Washington United States Redwood City. Seattle Partner Account Management Sales B6
Platform Partner Program DirectorEquinix is the world’s digital infrastructure company, operating 200+ data centers across the globe and providing interconnections to all the key clouds and networks. Businesses need one place to simplify and bring...

Talent Acquisition Coordinator

Fixed Term JR-122103 Munich Germany Munich Talent Acquisition Human Resources B2
Talent Acquisition CoordinatorJob Summary:This position will either support or be responsible for managing the full cycle recruitment. May guide and facilitate the hiring manager and team to a successful hire. Execute the Talent Acquisition Strate...

Supervisor, Billing, Americas

Regular JR-121613 Tampa Florida United States Tampa Billing Finance M1
Supervisor, Billing, AmericasEquinix is the world’s digital infrastructure company, operating 200+ data centers across the globe and providing interconnections to all the key clouds and networks. Businesses need one place to simplify and bring tog...

Senior Software Engineer

Regular JR-122079 Sunnyvale. Atlanta. Chicago. Waltham. North Bergen. London. Frisco. Ashburn California. Georgia. Illinois. Massachusetts. New Jersey. Pennsylvania. Texas. Virginia United States Sunnyvale. Atlanta. Chicago. Waltham. North Bergen. London. Frisco. Ashburn Enterprise Software Architecture and Engineering Information Technology T4
Senior Software EngineerEquinix is the world’s digital infrastructure company, operating 210 data centers across the globe and providing interconnections to all the key clouds and networks. Businesses need one place to simplify and bring together ...

Implementation Manager - Datacenter

Regular JR-121968 Saint Denis France Saint Denis Program and Project Management Project and Program Management B4
Implementation Manager - DatacenterEquinix, Inc. (Nasdaq: EQIX) exploite les centres de données qui offrent aux entreprises un lieu de fonctionnement fiable et d'échange sécurisé d'informations essentielles en Amérique du Nord, en Europe et en Asi...

Business Development Senior Associate

Regular JR-121791 Saint Denis. Frankfurt. Amsterdam Z.O.. London France. Germany. Netherlands. United Kingdom Saint Denis. Frankfurt. Amsterdam Z.O.. London Program and Project Management Project and Program Management B3
Business Development Senior AssociateEquinix is the world’s digital infrastructure company, operating an interconnected platform of digital services in 200+ data centers across the globe. We provide the digital economy with the access and business...

Apply Now

Sign in with LinkedIn
Autofill my information with LinkedIn
Alert me about jobs like this

Not You?

You're now being redirected to the application website

Equal Employment Opportunity: 
Equinix is an Equal Employment Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disability.

(US Applicants)

Please click here to see the “EEO is the Law” poster and supplement.

Please click here to see our EEO Policy Statement.

Please click here to see our Pay Transparency Policy Statement.