Vendor Risk Management Analyst - 5 days onsite Reston, VA

Arlington, Virginia

Onsite

Full Time

$130k - $150k

Vendor Risk Management Analyst

This position requires working closely with cross-functional teams, internal business stakeholders, and third-party vendors to lead risk assessments, covering due diligence and documentation for both new and existing vendors. You will also be instrumental in building relationships within the company to manage third-party risk, overseeing the complete third-party lifecycle, performance monitoring, and other related vendor management tasks.

The company is located in Reston, VA, and the position will be 5 days on site.

What You Will Be Doing:
  • Maintain an up-to-date inventory of third-party vendors and engagements, ensuring adherence to risk management policies and procedures.
  • Conduct risk assessments for both new and current vendors, identifying and evaluating potential risk factors.
  • Partner with internal account managers and vendors to ensure due diligence questionnaires are completed and returned promptly.
  • Build and maintain effective relationships with third parties and internal stakeholders to support collaboration and align on risk management goals.
  • Assist with incident response efforts by coordinating with impacted vendors.
  • Work with the Procurement team to manage vendor onboarding and offboarding processes.
  • Provide regular updates and metrics on Vendor Risk Management operations.
  • Stay current with industry trends, regulatory updates, and new risks related to third-party risk and vendor management.

Required Skills & Experience:
  • 2-3 years of experience in an information security or vendor risk management role.
  • Excellent written communication skills, with the ability to produce clear security assessments, documentation, reports, and metrics.
  • Strong planning and organizational skills, able to collaborate effectively with both technical and non-technical teams.
  • Familiarity with security standards and frameworks, such as ISO 27001, NIST, etc.
  • Bachelor’s degree or equivalent in Computer Science or a related field.
  • Security certifications like CISA, CISSP, GSEC, or Security+ are a plus.
  • Experience with Third-Party Risk Management (TPRM) platforms is a plus.
  • Knowledge of the homebuilding and mortgage industries is beneficial.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.

Posted by: Ashton Corbett

Specialization: Network Security