Risk Analyst
Description:
We are looking for a Lead TPRM Monitoring and Reporting Analyst to support our growing Cybersecurity and Third-Party Risk Management (TPRM) program. This role is essential in transforming how we manage vendor risk by leveraging platforms like Archer and Fortress, and by building greater transparency into our third-party risk landscape.
You will play a key role in assessing vendor control environments, managing risk profiles, supporting platform adoption, and partnering cross-functionally with teams across compliance, innovation, IT, OT, and supply chain.
Responsibilities:
Own and execute the Cyber Assessments program, focusing on Third Party Risk Management (TPRM)
Perform Supplier/Vendor Control Assessments through Archer and Fortress
Collaborate with key teams (Cyber, Compliance, Supply Chain, Innovation) to ensure consistent execution of TPRM processes
Analyze vendor risk posture, track exceptions, and develop dashboards and metrics for leadership visibility
Help evolve and expand use of Archer and Fortress tools to drive risk insights across the organization
Support audit readiness, reporting, and continuous improvement efforts
Act as a subject matter expert and internal advocate for TPRM best practices and tools
Key Outcomes for Success:
Risk transparency across third-party relationships
Effective communication of continuous monitoring results
Seamless integration of TPRM insights into vendor onboarding and renewals
Growing adoption and impact of Archer and Fortress tools across business units
Proactive identification and mitigation of vendor-related cyber risks
Required Qualifications:
6+ years of experience in TPRM, vendor assessments, or related cyber risk functions
Hands-on experience with SOC2 reports, vendor metrics, and risk reporting
Strong familiarity with TPRM tools (Archer GRC, Fortress) and data analytics/reporting platforms
Proven collaboration and communication skills across technical and business stakeholders
Familiarity with NIST 800 CSF and general IT/cybersecurity frameworks
Bachelor’s degree or equivalent experience
Preferred Qualifications:
Experience with SharePoint, Excel, Word, and report building
ITIL v4 certification
Background in utilities, energy, or highly regulated industries