18 days old

Third Party Risk Senior Analyst (Hybrid)

Best Buy
Richfield, MN 55423
  • Job Code
The Third Party Risk Senior Analyst, will manage and execute assessments to identify, manage, and communicate risk across the enterprise. This role will work with various teams within the Best Buy Enterprise, including Privacy, Legal, IT, and Procurement to advise on third party risk topics that include information security, business resiliency, reputation, finance, ethics, compliance, and insurance. In addition, the Senior Analyst will support team processes, develop reporting/metrics, and ensure data integrity within Archer eGRC.

What will you do?

Conduct enterprise-wide third party risk assessments of Best Buys external partners.

  • Execute, coordinate and support risk assessments to identify and prioritize risks.
  • Facilitate and analyze responses of Risk Profiles to ensure the appropriate level of risk is assigned to each third party service line.
  • Assess risks and prioritize based on existing, internally approved information risk ranking models.
  • Create, organize, and maintain reporting/metrics within Archer eGRC.
  • Conduct reassessments based on inherent risk schedule.
Advise partners regarding inherent and residual risk posed by third parties.
  • Effectively communicate roles and responsibilities pertaining to the assessment process and finding remediation with internal business teams and external vendors.
  • Assist in communications to business partners on impact, likelihood and severity of risks in driving risk remediation efforts.
  • Collaborate with various audiences, including Security Architecture, Application Security, IT, BC/DR, Legal, Procurement and others.
Maintain relationships with internal Best Buy teams through clear, consistent communication.
  • Support team intake process to ensure appropriate responses and resources are communicated to enterprise partners regarding general questions, assessment requests and other inquiries as needed.
  • Serve as Business Resiliency risk liaison to understand finding requirements and relay learnings to the Third Party Risk team.

Basic Requirements:

  • 2 years or more experience in any of the TPRM risk categories (i.e. Information Security, Business Resiliency, Finance, Ethics/Compliance, or Insurance).
  • 2 years or more experience performing risk assessments or audits
  • Familiarity with the Payment Card Industry Data Security Standard (PCI DSS), NIST Cyber Security Framework (CSF), and ISO 27000 series
  • Willingness to travel 10%

Preferred Qualifications:
  • Bachelors degree (or 5+ years of general relevant experience)
  • Security+, Network+, or SSCP certification
  • Experience with Teams and MS Office.
  • Ability to work with a start-up mentality inside of a large organization to provide security. recommendations with the business strategy and goals in mind.

Posted: 2022-05-10 Expires: 2022-06-08
Sponsored by:
ADP Logo
Sponsored by:
Bank of America Logo

Featured Jobs[ View All ]

Featured Employers

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Third Party Risk Senior Analyst (Hybrid)

Best Buy
Richfield, MN 55423

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast