Third Party Risk Management Analyst - Remote

Overview

The Third Party Risk Management (TPRM) Analyst at CoreWeave will be responsible for supporting the GRC Manager, team members, and internal/external stakeholders with the day-to-day operations of the TPRM Program. The primary focus of this role will be to conduct third-party risk assessments and develop mitigation plans to minimize third-party risks.

In Short

• Complete third-party risk assessments for all new vendors
• Ensure assessments include Business Impact Analysis (BIA) and Data Protection Impact Assessment (DPIA)
• Reevaluate vendors based on their criticality level
• Coordinate collection of security assessment artifacts from vendors
• Triage assessments requiring technical reviews
• Prepare and monitor vendor risk assessment statuses
• Update due diligence tracking and escalate issues
• Own and update control evidence related to TPRM
• Document program processes and procedures
• Support sales department with customer TPRM questionnaires

Requirements

• Experience conducting third-party risk assessments
• Strong experience utilizing Jira
• Ability to conduct vendor BIA and Data Privacy assessments
• 3-5 years of experience in IT/Security Compliance/Audit
• Bachelor's in Information Security, Computer Science, or related degree
• Proven experience in compliance, risk, and IT security program management
• Familiarity with data privacy regulations (ISO 27701, GDPR)
• Excellent written communication skills
• Experience collaborating with cross-functional teams
• In-depth knowledge of security and compliance standards

Benefits

• Medical, dental, and vision insurance - 100% paid for by CoreWeave
• Company-paid Life Insurance
• Short and long-term disability insurance
• Flexible Spending Account
• Health Savings Account
• Tuition Reimbursement
• Mental Wellness Benefits
• Paid Parental Leave
• 401(k) with a generous employer match
• Flexible PTO