GRM Third-Party Risk Senior Analyst

“I can succeed as a GRM Third-Party Risk Senior Analyst at Capital Group.” As a Global Risk Management (GRM) Third-Party Risk Senior Analyst at Capital Group, you will play a critical role in providing valuable third-party risk management expertise and support the development and evolution of our global third-party risk management practices. To thrive in this role, you have been successful in demonstrating your ability to partner with cross-functional teams to identify third-party risks and opportunities, advise on third-party requirements and best practices, and champion third-party initiatives and priorities with business teams and leadership. “I am the person Capital Group is looking for.” You have demonstrated expertise in third-party risk management, with hands-on experience administering the full lifecycle, from initial vendor assessments through ongoing risk mitigation and issue resolution. You have experience with third-party risk management and other GRC technology tools (e.g., ProcessUnity, ServiceNow). You have created KRIs/KPIs and configured reports and dashboards. You have supported audit activities (e.g., SOC 1/SOC 2), ensured compliance with global regulatory requirements and best practices, and addressed vendor assessment challenges within a complex global supplier ecosystem. You are skilled at collaborating with subject matter experts, key stakeholders, and business partners to ensure a cohesive approach to third-party risk management, while providing broad risk management and technical expertise. You can develop strong relationships with colleagues regionally and globally, and influence others in areas of the organization where you don’t have direct authority. You have developed and updated policies and standards ensuring processes and controls are documented clearly and comprehensively to withstand scrutiny from regulators, internal audit, and external examiners. You have prepared and presented routine third-party risk reports and updates to management and appropriate leadership, while also delivering training programs to enhance third-party risk awareness across the organization. You can apply experience across other enterprise risk domains (e.g., operational risk, IT risk, regulatory risk, etc.) to strengthen the overall risk management framework and ensure holistic oversight of third-party engagements. You have leveraged AI and automation tools to enhance efficiency in third-party risk assessments, streamline due diligence workflows, and improve continuous monitoring capabilities. You have provided oversight over managed services providers, ensuring service delivery aligns with contractual obligations, risk expectations, and performance standards. You have experience in information security and IT concepts, with a strong background in conducting technical vendor risk assessments and analyzing control evidence such as SOC 2 Type II reports, penetration test results, policies, and compliance certifications. You have supported the ongoing refinement of the third-party risk management framework by applying analytical skills and curiosity to address complex, evolving business and regulatory challenges. You thrive in ambiguity. You possess strong written and verbal communication skills, organizational agility, attention to detail, and interpret meaningful information from large data sets. You also demonstrate excellent planning, project management skills, and the ability to manage competing priorities with composure.