Third Party Risk Analyst

TL;DR

Third Party Risk Analyst: Supporting the end-to-end Third-Party Risk Management (TPRM) lifecycle with an accent on security assessments, vendor compliance, and control validation. Focus on managing risk workflows, interpreting security artifacts like SOC 2 reports, and driving remediation efforts to ensure organizational security standards.

Location: Must be based in the Philippines (Hybrid)

Company

hirify.global is an AI-powered Experience Orchestration platform that empowers organizations to create empathetic, personalized customer and employee experiences at scale.

What you will do

• Manage the end-to-end TPRM workflow, including intake, due diligence, and ongoing monitoring.
• Conduct security risk assessments, evaluate controls, and document residual risk.
• Administer risk assessment tooling, including vendor onboarding and questionnaire tracking.
• Review and validate security artifacts such as SOC 2 reports and ISO 27001 certificates.
• Document findings, write risk narratives, and recommend remediation actions.
• Track remediation plans and support continuous improvement of TPRM processes.

Requirements

• Bachelor’s degree in information security, IT, Cybersecurity, or a related field.
• Minimum 2 years of related experience in information security, IT audit, risk, compliance, or GRC.
• Strong analytical skills with the ability to translate control gaps into clear risk statements.
• Detail-oriented with strong documentation discipline.
• Strong verbal and written communication skills.
• Ability to coordinate effectively with diverse business units.

Culture & Benefits

• Opportunity to work in a global organization with over 6,000 employees.
• Emphasis on independence, ownership, and making a significant impact.
• Collaborative environment that values empathy and teamwork.
• Competitive benefits and perks comparable to large tech companies.
• Commitment to fairness and equal opportunity in the workplace.