Security Analyst Ii – Third Party Risk Management

Security Analyst II – Third Party Risk ManagementAt Playlist, life's richest moments happen when people step away from screens to move, connect, explore, and play.We're building the definitive platform for intentional living, connecting people with inspiring experiences in fitness, wellness, and beyond.With popular brands like Mindbody and ClassPass, Playlist empowers businesses and individuals, making it effortless for aspirations to become actions.Join us in reshaping technology's role to foster meaningful, real-world connections.Who we areWe are a dedicated team of security and information technology professionals focused on evolving Playlist's security posture.Our collective goal is to protect the future, fostering increased opportunities for wellness businesses worldwide to empower their customers in leading secure and healthy lives.Committed to a higher purpose, we continuously challenge ourselves and our organization to excel, understanding the strength derived from collaborative efforts toward a common objective.We advocate for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success.At the heart of our achievements lies the belief in the value of our people.If you share our passion and vision, consider joining our team, and let's explore the remarkable feats we can achieve togetherYour roleThe Security Risk Analyst II will serve as a trusted advisor for Playlist's business stakeholders.This role is part of the Governance, Risk and Compliance team which is responsible for managing risks across the organization.Manage third-party risk management queues to include onboarding, periodic assessments, off-boarding, and due diligence requests to ensure appropriate actions are taken to engage or disengage third parties.Perform periodic security risk assessments and monitor the security posture of our existing third-party vendors.Implement enhancements to the TPRM Program, including recommendations on process, automation, and tools used for the TPRM Program's processes, policies, standards, procedures, and tooling.Assign risk rankings of vendor and customer relationships by analyzing due diligence questionnaire responses and documentation.Partner with Procurement and Legal departments during contractual negotiations to provide consultation on security and privacy clauses included in third-party agreements.Collaborate with our BISOs to advise Business Partners on the appropriate implementation of cyber security, procurement and legal controls for new third-party services, leveraging a combination of these controls and the Third Party's security and privacy programs to maintain our information security and privacy posture.Prepare security risk reports, dashboards, and operational review metrics (KRIs) or other metrics for continuous improvement and monitoring.Maintain the integrity of Playlist's Customer Trust Center documentation and customer security requests.Manage any internal and external audit requests related to TPRM activities and other compliance requests as needed.About the right team memberSelf-starter with the desire to ramp up quickly, collaborate, execute and propose alternative or creative solutions when necessary.Excellent time management, critical thinking, analytical and communication skills.Strong interpersonal skills, capable of interacting at all levels of the organization and with vendors.The ability to multitask and complete assignments within deadlines that may have short lead times.Strong collaboration skills.Detail-oriented, deadline-driven, self-directed and organized.Resourceful and can work well independently.You'll thrive in this role with experience in : 3–4 years of professional work experience in third-party risk, enterprise risk, cyber security governance and / or related functions (such as IT Risk Management and IT Audit).QualificationsDemonstrated leadership skills, excellent interpersonal skills, and proven problem-solving ability.Strong knowledge of industry best practices for third-party risk management.Relevant industry certifications (e.G., CISSP, CISM, CRISC, CISA).Ability to provide excellent customer service to internal customers.Sound like the role for you?We'd love to hear from youEven if you're not 100% sure about potential fit, we still encourage you to apply.We're looking for the right person, not the perfect series of checkboxes.Equal Opportunity EmployerPlaylist is an Equal Opportunity Employer.We highly value diversity at our company and encourage people of all different backgrounds, experiences, abilities and perspectives to apply.We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other protected characteristics.Job DetailsSeniority level: Mid-Senior levelEmployment type: ContractJob function: AnalystIndustries: Technology, Information and Internet#J-*****-Ljbffr