Third Party Risk Management Analyst

Job Description

COMPLIANCE

What We Do

We help the company do the right thing by identifying, monitoring, and reporting on potential risks in order to support the company's goal of promoting trust in our products and services.

What You'll Do

As a Third Party Risk Management (TPRM) Analyst, you will be responsible for assessing, monitoring, and managing risks associated with Epics's third-party service providers. You will conduct due diligence reviews, assess ongoing risk assessments, facilitate offboarding processes, and ensure data integrity with Epic's GRC tool. Your work will help safeguard the organization by ensuring third parties meet security, privacy, and compliance standards.

In this role, you will
• Conduct third-party risk assessments during the onboarding process, evaluating inherent risk, enabling to take a risk-based approach to due diligence by evaluating privacy, information security, and compliance risks
• Perform periodic reassessments of Epic's most critical third parties to identify and mitigate emerging risks
• Ensure accurate and complete data and maintenance within the GRC tool to support risk reporting and decision making
• Collaborate and partner with internal stakeholders to ensure third-party risks are effectively managed and TPRM processes are appropriately followed
• Support third-party offboarding by assessing residual risks and ensuring proper documentation and controls are in place
• Assist with regulatory and audit inquiries related to TPRM

What we're looking for
• 3-5 years of experience in TPRM, vendor risk, compliance, audit, or a related field. Gaming, Technology, Consulting, or Financial Services experience a plus
• Familiarity with GRC tools and risk assessment methodologies (e.g., OneTrust, Archer, ServiceNow, etc)
• Strong ability to assess risk data, identify patterns, and make informed recommendations
• Ability to ensure accuracy in assessments, documentation, and data management
• Strong written and verbal communication skills to effectively partner with internal teams and third parties, balancing empathy and effective challenge
• Ability to be flexible while navigating complex processes and risk issues
• Comfortable working in a cross-functional environment and adapting to changing business and regulatory requirements

Note to Recruitment Agencies: Epic does not accept any unsolicited resumes or approaches from any unauthorized third party (including recruitment or placement agencies) (i.e., a third party with whom we do not have a negotiated and validly executed agreement). We will not pay any fees to any unauthorized third party. Further details on these matters can be found here.

Jobcode: Reference SBJ-d5x0p1-18-119-132-23-42 in your application.