Senior Risk Compliance Engineer

Job Summary

A company is looking for a Senior Risk & Compliance Engineer specializing in Third Party Risk Management.

Key Responsibilities

• Review third-party vendors during onboarding due diligence and recurring evaluations to identify and mitigate cybersecurity, data privacy, and compliance risks
• Operate and enhance third-party risk management systems, utilizing tools for workflows and risk quantification
• Collaborate with Legal and Security Engineering to embed security and privacy requirements into third-party contracts, ensuring compliance with relevant frameworks

Required Qualifications

• 7+ years of experience in third-party security risk management, vendor audits, or compliance roles, preferably in technology
• Hands-on experience with third-party risk management and Governance, Risk, and Compliance tools
• Expertise in compliance standards and industry frameworks such as GDPR, CCPA, SOC2, NIST, and ISO 27001
• Familiarity with common security concepts and the ability to analyze vendor security documentation
• Previous experience in consumer data protection and privacy risk management