Vendor Security and Risk Analyst

 Monday, August 19, 2019


You will be challenged. Rewarded. And valued for your unique experience, background and perspective.
Join a team where hard work pays off and original thinking is celebrated. As you build your future at Westfield, you will quickly learn that protecting our customers' future is at the heart of what we do. We deliver on our promise to help restore lives and rebuild businesses when the unexpected happens. Building relationships has been a part of our culture since 1848.

Be a part of a team that recognizes and appreciates those who take initiative, seek opportunity and strive for innovation in a changing world.

Vendor Security and Risk Analyst Job Summary
Salary Range: $58,073.00-$66,785.00-$75,496.00

The Vendor Security and Risk Analyst is responsible for performing and overseeing security/risk assessments of Third Parties for the Vendor Risk Management (VRM) program. The Vendor Security and Risk Analyst manages relationships with internal and external partners to ensure the information and analysis necessary for supplier oversight is completed in an accurate manner. The Analyst will partner with the Vendor Risk Management team to track and drive resolution of ongoing vendor deficiencies related to vendor information security according to the VRM program requirements.

Essential Functions (primary functions and/or reasons the job exists in order of importance)

1. Performs and oversees security and/or risk assessments of third parties for the Vendor Risk Management (VRM) program.

2. Works with standard processes, procedures and tools to assess vendor risks and support ongoing monitoring activities to mitigate operational and compliance risk.

3. Responsible for vendor security assessment using the VRM risk management platform and/or documentary artifacts.

4. Performs ongoing monitoring of vendors in a timely manner including, but not limited to, assessments of the vendors' information security, business continuity, and other relevant factors.

5. Coordinates and collaborates with leaders, IT, and Procurement to provide effective oversight and risk management of vendor relationships and performance.

6. Conducts detailed remote (e.g. conference call, WebEx) interviews with vendors, when warranted by the VRM, and analyzes the results of vendor interviews for the purpose of managing vendor risk.

7. Conducts on-site assessments at the vendor location, when warranted by the VRM program.

8. Coordinates with leaders, IT, and Procurement for new vendor implementations including, but not limited to, non-disclosure agreements, requests for information and/or requests for proposals, due diligence and contract negotiations.

9. Works closely with the vendor and Procurement to remediate any gaps or deficiencies related to a vendor's performance and follows up on open items.

10. Works proactively to establish and maintain good working relationships with vendors to ensure compliance with all requirements and to maximize the vendor relationship.

11. Travels as needed to perform essential assessment functions when warranted by the VRM department.

Desired Qualifications/Experience/Certification/Education (in order of importance)

1. Minimum of 3 years of IT/Information Security experience.

2. Experience interacting with, interviewing, and working collaboratively with outside vendors gained from previous work experiences.

3. Ability to analyze and report on relevant data gathered from outside parties.

4. Excellent oral, written and interpersonal skills.

5. Ability to work collaboratively with IT partners and Procurement.

6. Experience using Microsoft Windows and MS Office or transferable software applications.

7. Strong organizational skills and proven ability to multi-task.

8. Bachelor's degree in information technology, security or related field or commensurate experience.

9. Working towards or already obtained the Certified Information Systems Security Professional (CISSP) designation.

10. Ability to travel domestically and occasionally internationally.

11. Valid driver's license and a driving record that conforms to company standard.

Physical Requirements (specific to the role)

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

* Ability to work effectively in an office environment for 40+ hours per week (including sitting, standing and working on a computer for extended periods of time).

* Ability to communicate effectively in a collaborative work environment utilizing various technologies such as telephone, computer, web, voice, teleconferencing, e-mail, etc.

* Ability to travel as required, including international travel.

* Ability to operate an automobile within the parameters of the driving policy.

This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.

Westfield offers a Total Rewards program that focuses on compensation, benefits and wellness, and includes perks like 401(k), pension plan, annual incentive, education reimbursement, flex-time, onsite fitness center and casual dress. Work-life balance, recognition, and learning and career development are all part of a rewarding career with Westfield.

To learn more about Westfield and the opportunities available, please visit us at

We are an equal opportunity employer/minority/female/disability/protected veteran.