Senior Analyst, Third-Party Risk Management

Job not on LinkedIn

🔥 0 minutes ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of DoorDash

DoorDash

10,000+ employees

🛍️ eCommerce

🚗 Transport

eCommerce • Marketing • Transport

DoorDash is a leading food delivery service that connects customers with local businesses and restaurants. By empowering local economies, DoorDash facilitates the growth and success of restaurants and retailers, offering a flexible work environment for its employees. The company emphasizes innovation and aims to redefine the local commerce experience while providing extensive benefits and opportunities for team members across various career areas.

📋 Description

• Drive the continuous maturation of TPRM program into a proactive, strategic security partnership • Architect and govern security strategy for BPO and contingent worker ecosystem • Design and build process automations for TPRM program • Pioneer the Supplier Security AI Governance framework • Establish and own core program governance and centralized reporting function • Partner cross-functionally with security engineering, procurement, business, privacy, and legal teams • Lead end-to-end issues and remediation tracking process • Execute core TPRM lifecycle tasks such as risk assessments, due diligence, and vendor onboarding

🎯 Requirements

• 7+ years of progressive experience in security-focused TPRM methodologies • Bachelor’s or Master’s degree in Information Security, Computer Science, Business Administration, or related field • Experience with program building, conducting security and/or assurance audits, controls, and risk assessments, and remediation management • Deep technical understanding and experience conducting comprehensive security risk and gap assessments of cloud, SaaS, including Artificial Intelligence (AI) solutions, and infrastructure vendors • Proficiency in the technical review of core security assurance documentation (CAIQ, SIG, SOC 2 Type 2 reports, Penetration Test reports, etc.) • Experience in the technical vetting of complex vendor solutions (API integrations, security of cloud-native services) • Practical experience in assessing unique risks associated with AI/ML models • Experience implementing major information security, privacy, and risk management frameworks (e.g. NIST, ISO, SOC 2) • Experience managing security and compliance programs across GRC disciplines in a global public company environment • Ability to solve complex systemic issues requiring creative thinking and cross-functional collaboration • Experience managing vendor risk across the full relationship lifecycle • Excellent verbal and written communication skills

🏖️ Benefits

• Comprehensive benefits package • 401(k) plan with employer matching • 16 weeks of paid parental leave • Wellness benefits • Commuter benefits match • Paid time off and paid sick leave in compliance with applicable laws • Medical, dental, and vision benefits • 11 paid holidays • Disability and basic life insurance • Family-forming assistance • Mental health program

Apply Now

Similar Jobs

🔥 23 hours ago

Gainwell Technologies

10,000+ employees

⚕️ Healthcare Insurance

Business Analyst at Gainwell harnessing technology to improve healthcare outcomes. Working on system requirements and client communications to ensure objectives are met.

🕒 2 days ago

Loftware

501 - 1000

☁️ SaaS

🏢 Enterprise

Senior Service Solutions Analyst partnering with Sales and Delivery for enterprise solutions. Responsible for scoping services offerings and aligning customer needs with delivery.

🕒 2 days ago

Streamline Healthcare Solutions

201 - 500

⚕️ Healthcare Insurance

☁️ SaaS

🛍️ eCommerce

Billing Business Analyst working directly with customers to enhance their billing processes. Utilizing behavioral healthcare knowledge to guide best practice workflows and develop training materials.

🕒 2 days ago

SafePaaS

11 - 50

🔒 Cybersecurity

☁️ SaaS

📋 Compliance

Business Analyst focused on requirements gathering, data analysis, and reporting for GRC implementations. Bridging business and technical teams for compliance and fraud-risk management.

🕒 2 days ago

SafePaaS

11 - 50

🔒 Cybersecurity

☁️ SaaS

📋 Compliance

Business Analyst focusing on compliance and fraud-risk to support GRC implementations at SafePaaS. Collaborating with stakeholders on requirements gathering, data analysis, and reporting.