Third Party Risk Analyst

Addison Group

Chicago, IL

JOB DETAILS
SKILLS
Analysis Skills, Communication Skills, Computer Security, Contract Requirements, Contract Review, Detail Oriented, Documentation, External Audit, HIPAA (Health Insurance Portability and Accountability Act), ISO (International Organization for Standardization), IT Procurement, Information/Data Security (InfoSec), Internet Security, Leadership, Legal, Maintain Compliance, Organizational Skills, PCI-DSS, Privacy Controls, Regulations, Regulatory Compliance, Reporting Dashboards, Reporting Skills, Requirements Management, Risk, Risk Analysis, Risk Management, Sales, Security Analysis, Security Policy, Vendor/Supplier Evaluation
LOCATION
Chicago, IL
POSTED
Today

OverviewWe are seeking a detail-oriented and analytical Third-Party Risk Analyst to support our risk management program. This role is responsible for reviewing client contracts for security and compliance requirements, assessing vendor and third-party risks, and maintaining and updating internal security policies to align with regulatory and contractual obligations.The ideal candidate has experience in contract review, risk assessments, and policy governance in a cybersecurity or compliance-focused environment.Key ResponsibilitiesContract ReviewReview client and vendor contracts, data protection agreements, and master service agreements for information security, privacy, and compliance terms.Identify and communicate gaps between client requirements and internal policies or capabilities.Collaborate with Legal, Sales, Procurement, and IT Security teams to align contract terms with organizational standards.Third-Party Risk ManagementAssess third-party vendors for cybersecurity and compliance risks.Track and manage third-party security assessments, questionnaires, and audits.Ensure vendor compliance with applicable regulations, such as GDPR, CCPA, HIPAA, SOC 2, ISO 27001, etc.Security Policy ManagementMaintain and update information security policies and procedures to reflect changes in laws, regulations, and business needs.Coordinate policy reviews with stakeholders across IT, Legal, HR, and Compliance departments.Ensure policies meet the requirements outlined in client contracts and external audits.Documentation & Reporting:Document risk findings and decisions in risk registers or compliance platforms.Prepare reports and dashboards to communicate contract review outcomes and vendor risk status to leadership.Track remediation activities related to third-party risk or contractual gaps.QualificationsBachelor's degree in information security, Risk Management, Business, Legal Studies, or a related field.2–4 years of experience in third-party risk, compliance, legal contract review, or security governance.Familiarity with regulatory frameworks (e.g., GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2).Strong understanding of contract terms related to data privacy and cybersecurity.Excellent analytical, communication, and organizational skills.#J-18808-Ljbffr

About the Company

A

Addison Group

Need a job? Need an employee? Then you need Addison Group, the professional staffing and search firm that has reshaped the industry with our excellent placements in the Administrative & HR, Engineering, Executive Search, Finance & Accounting, Healthcare, and IT sectors.

Addison Group has enjoyed rapid growth since its inception in 1999, when a group of visionary industry leaders in Chicago set out with the simple goal of recruiting the best candidates for the best companies. With the help of its strategic investment partner, Trilantic Capital Partners, Addison Group has expanded its reach across the country through 13 offices and six core industry sectors, from Administrative to IT.
COMPANY SIZE
1,500 to 1,999 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
1999
WEBSITE
http://www.addisongroup.com/