Vendor Risk Management Analyst- 5 days onsite Reston, VA

About The Position

Requirements

• 2-3 years of experience in an information security or vendor risk management role.
• Excellent written communication skills, with the ability to produce clear security assessments, documentation, reports, and metrics.
• Strong planning and organizational skills, able to collaborate effectively with both technical and non-technical teams.
• Familiarity with security standards and frameworks, such as ISO 27001, NIST, etc.
• Bachelor's degree or equivalent in Computer Science or a related field.

Nice To Haves

• Security certifications like CISA, CISSP, GSEC, or Security+ are a plus.
• Experience with Third-Party Risk Management Platforms (TPRM) is a plus.
• Knowledge of the homebuilding and mortgage industries is beneficial.

Responsibilities

• Maintain an up-to-date inventory of third-party vendors and engagements, ensuring adherence to risk management policies and procedures.
• Conduct risk assessments for both new and current vendors, identifying and evaluating potential risk factors.
• Partner with internal account managers and vendors to ensure due diligence questionnaires are completed and returned promptly.
• Build and maintain effective relationships with third parties and internal stakeholders to support collaboration and align on risk management goals.
• Assist with incident response efforts by coordinating with impacted vendors.
• Work with the Procurement team to manage vendor onboarding and offboarding processes.
• Provide regular updates and metrics on Vendor Risk Management operations.
• Stay current with industry trends, regulatory updates, and new risks related to third-party risk and vendor management.