Analyst, Third Party Risk Management
Clutter
At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain.
We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways.
Are you curious about being part of our growth story while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.
Third Party Risk Management, Analyst
REMOTE
Job Summary: The role exists in the Information Security Department and reports to the Manager of Third Party Risk Management. The company’s Third Party Risk Management Program is responsible for providing Iron Mountain's Business Relationship Owners, Employees, and Senior Management with the tools and insight to successfully manage and understand the company’s Third Party Risk exposure. Members of the Third Party Risk team are primarily responsible for the review and assessment of risk mitigating controls of the new and existing suppliers utilized across the firm, as well as for utilizing the tools and processes necessary to appropriately communicate concerns to the business stakeholders. The position partners with various areas including Procurement, Supplier Relationship Management, Privacy & Compliance, Information Security, Disaster Recovery, Business Continuity and Third Party relationships globally.
Key Responsibilities:
Report directly to the Manager of Third Party Risk Management for all things concerning the Third Party Risk Program, maintenance and administration
Liaise with internal Subject Matter Experts (SMEs) and assessors (reviewers) of external assessment and documentation
Assess the control practices and posture of new and existing Third Parties for Iron Mountain (global)
Publish news, M&A briefing and track all alerts regarding Third Party relationships in regards to Iron Mountain Critical and High Risk Vendors (utilizing industry standard, real time monitoring tools)
Support the production of monthly metrics and executive dashboards
Translate the results of assessment analysis and findings into business consumable format and deliver those results to business, procurement, legal and other teams to guide risk-based decisions
Support the evolution and continuous improvement of Third Party Risk Assessment processes, including the development and maintenance of procedures, artifacts, and metrics to be used in the assessment of potential and existing third parties
Analyze, design and implement business processes and requirements to ensure compliance with all applicable Iron Mountain policies and procedures
Support internal and external program audits by providing program overviews and supporting evidence as requested
Minimum Education: 4 Year College Degree
Minimum Experience: 3-5 years experience in: risk management, procurement, information security, and/or utilizing large data sets
Preferred Skills:
Ability to communicate risk management topics/ideas to varied business stakeholders
Foundational understanding of security and risk management controls and practices
Strong analytical, mathematical, problem solving mindset
Ability to analyze data, generate reports and executive dashboards
Familiarity with Shared Assessments SIG (Standard Information Gathering) toolkits
Knowledge of the Google Suite
Attention to detail
Ability to learn multiple applications and software
Reasonably expected salary range: $73,400.00 - $91,800.00
Category: Risk Management
Iron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers’ assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. Take a look at our history here.
Iron Mountain helps lower cost and risk, comply with regulations, recover from disaster, and enable digital and sustainable solutions, whether in information management, digital transformation, secure storage and destruction, data center operations, cloud services, or art storage and logistics. Please see our Values and Code of Ethics for a look at our principles and aspirations in elevating the power of our work together.
If you have a physical or mental disability that requires special accommodations, please let us know by sending an email to accommodationrequest@ironmountain.com. See the Supplement to learn more about Equal Employment Opportunity.
Iron Mountain is committed to a policy of equal employment opportunity. We recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law.
To view the Equal Employment Opportunity is the Law posters and the supplement, as well as the Pay Transparency Policy Statement, CLICK HERE
Requisition: J0081571