Vendor Risk Management Specialist

Job title: Vendor Risk Management Specialist

Company: CloudPay


Job description: CloudPay is looking for a highly motivated Vendor Risk Management Specialist to support the rapid expansion of the company.
The Vendor Risk Management Specialist is responsible for assessing, monitoring, and mitigating third-party risks associated with vendors, suppliers, and service providers. This role ensures that all vendors meet internal compliance standards and external regulatory requirements, contributing to the overall third-party risk management framework of CloudPay.Please submit your English CVKey Responsibilities Daily Duties and Main Responsibilities will include:

• Conduct initial and ongoing risk assessments of vendors based on business impact, data sensitivity, and compliance requirements.
• Collaborate with procurement, legal, technology, and business functions to evaluate third-party risks.
• Maintain and update the vendor risk register and ensure vendor documentation is current and complete.
• Support the vendor onboarding process by reviewing vendor evaluation questionnaires, due diligence reports, and compliance checks.
• Monitor vendor performance and compliance with contractual obligations.
• Conduct periodic virtual and onsite audits of high-risk vendors compiling findings and associated remediation plans in a timely manner.
• Collaborate with vendors to monitor remediation plans from audits to closure.
• Proactively monitor regulatory requirements and adjust vendor risk procedures accordingly.
• Assist in developing and maintaining policies, procedures, and training related to vendor risk management.
• Report and escalate significant vendor risks to senior leadership and suggest mitigation strategies.

Description Attributes and Experience Required
Essential

• Sound level of knowledge and experience in vendor risk management, third-party risk, compliance, or related field.
• Knowledge of regulatory frameworks and risk management methodologies.
• Strong analytical and project management skills.
• Excellent communication skills to build relationships internally, and with vendors in both English and Spanish
• Proficiency in risk assessment tools, Microsoft Excel, and GRC platforms.

Preferred

• Internal Auditor ISO/IEC 27001:2022, CISSP, CISM, CRISC, CISA, PCI-DSS certification, or other relevant certifications preferred.

Expected salary:

Location: San Jose, CA

Job date: Thu, 10 Apr 2025 06:56:31 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnear.pro) you saw this job posting.Thanks&Good Luck