Posted Jul 9, 2026

REMOTE Supplier Risk Analyst

Apply for this Role →
Supplier Risk Analyst The Supplier Risk Analyst will be responsible for reviewing supplier documents, consulting with appropriate departments and compiling information into a summary for the teams use. Responsibilities • Coordinate and perform supplier security risk reviews: • Review incoming documents from Suppliers (e.g., SOC 2 Type II reports, high level system architecture diagrams, information security policies) • Consult with other shared service departments, as appropriate (e.g., Procurement, Privacy, Operational Risk, Legal) • Compile information into a summary report, highlighting concerns in the form of a risk report/profile for a supplier or particular engagement • Support reporting and analysis of supplier security risk: • Monitor key supplier changes and risk indicators. • Issue monitoring, exception tracking and oversight of remediation actions to improve overall Supplier performance • Define, measure and monitor progress of supplier risk management activities (Issue Tracking, Risk Remediation Efforts, Key Supplier Metrics) • Create reporting materials detailing program activities, supplier metrics and issue remediation • Maintain supplier data accuracy within designated systems. • Provide guidance and training to stakeholders on supplier risk management policies and procedures. Experience: • Bachelor’s degree in Business Information Systems, Computer Science or similar. • Minimum four years related experience, including at least two years of third party risk management experience conducting risk or compliance assessments • Understanding of information security frameworks and standards (e.g., NIST 800-171, ISO27002/27002, PCI, GDPR) • Ability to document and communicate assessment results clearly and concisely • Knowledge of supplier risk management methodologies, risk mitigation principles • Ability to work both independently and as part of a team to deliver quality work • Attention to detail, and the ability to prioritize works efficiently and effectively • Nice to have • Experience with ServiceNow and/or OneTrust. • Security-related certifications (CISA, CISM, CISSP, SANS GIAC) • Higher education and/or research institution experience • Understanding of higher education legal and regulatory environment (e.g. Apply tot his job Apply To this Job