Third Party Risk Anlayst

Remote Full-time
Third Party Risk Analyst This is a fully remote role. D&H is growing! Join 100+ year old Employee-Owned technology distributor, offering end-to-end solutions for today's resellers, retailers, and the clients they serve across the SMB and Consumer markets. • We are empowered by our employee Co-Owners who provide the industry’s best service, and we promote a collaborative culture. • We offer an Employee Stock Ownership Plan, 401k, Paid Time Off, Medical, Prescription, Dental and Vision benefits as well as Gym Reimbursement, Work from Home Reimbursement, Employee Purchase Program, Tuition Assistance and much more! • As a D&H Co-Owner you receive numerous discounts on services. • We feel strongly about giving back to the community and promoting sustainable, eco-friendly business practices. SUMMARY D&H Distributing is looking to hire a detail-oriented and analytical Third-Party Risk Management Analyst to support our vendor risk program. This role will be responsible for assessing, monitoring, and managing risks associated with third-party vendors and service providers, ensuring compliance with internal policies, contractual requirements, and industry regulations. The analyst will work closely with stakeholders across Procurement, Information Security, Compliance, and Legal to identify and mitigate risks throughout the vendor lifecycle. ESSENTIAL DUTIES AND RESPONSIBILITIES • Conduct third-party risk assessments for new and existing vendors, focusing on security, compliance, privacy, and operational risks • Review vendor due diligence materials such as SOC reports, ISO certifications, penetration test results, and compliance questionnaires • Monitor and track vendor performance and risk posture through ongoing assessments and periodic reviews • Maintain the vendor risk inventory and ensure vendor information is accurate and up to date. • Collaborate with internal teams to define risk mitigation plans and follow up with vendors on remediation efforts • Support the development and enhancement of third-party risk management policies, procedures, and tools • Assist in the implementation and administration of third-party risk management platforms. • Prepare reports and dashboards for management, summarizing vendor risk findings, trends, and remediation status • Stay informed of emerging risks, regulatory requirements, and best practices related to vendor management and third-party security · Evaluate the effectiveness of information security controls and performance by developing, monitoring, gathering, and analyzing information security and compliance metrics for management • Stay up to date on the latest security and industry trends including their compliance requirements • Maintain familiarity with cybersecurity frameworks such as NIST, CIS, and other security technology by attending workshops and reviewing publications • Coordinate across organization to ensure mutual success in protecting D&H • Work with the business units to remediate identified issues with minimal assistance • Effectively deal with rapid change in a positive manner • Participate in all company/location driven communication efforts, including huddles, department meetings, and other related efforts • Maintain a positive and professional working relationship with peers, management, support resources, and the community with a constant commitment to teamwork and exemplary customer service to present a professional image of D&H Distributing • Perform all other duties as assigned by management in a professional and efficient manner EDUCATION and/or EXPERIENCE • Bachelor’s degree in Information Security, Risk Management, Business, or related field (or equivalent experience). • 2+ years of experience in vendor risk management, IT risk, compliance, or a related role. • Familiarity with common information security and risk frameworks (ISO 27001, SOC 2, NIST, CIS, HIPAA, PCI-DSS, etc.). • Strong analytical and problem-solving skills with attention to detail. • Ability to communicate effectively with technical and non-technical stakeholders. • Experience with third-party risk management tools/platforms is a plus (e.g., Archer, ProcessUnity, OneTrust, ServiceNow VRM). Apply tot his job
Apply Now →

Similar Jobs

Manager II Risk & Controls ERM and Strategic Risk Assessment

Remote

[Remote] Cyber Risk & Compliance Manager – January 2026

Remote

Staff Engineer, Third Party Risk Management - Trust

Remote

Jr. SCRM Assessor

Remote

Manager Regulatory Compliance, Risk Management

Remote

IT Governance, Risk and Compliance Analyst

Remote

Compliance Manager – Business Conduct Hotline Triage Lead

Remote

Clinical Risk Management Analyst (RN) - Day Shift, Mon - Fri SJHSYR-MAINCAMPUS

Remote

Sr. Solution Consultant, Integrated Risk Management

Remote

Consultant- Chief Risk Officer - Operations (Fractional/Contract Role)

Remote

Remote Pharmacy Technician - Work from Home Opportunity with Competitive Salary and Benefits in Indiana Medicaid Rx Prior Authorizations

Remote

Experienced Home-Based Data Entry Specialist – Part-Time and Full-Time Remote Opportunities for Detail-Oriented Individuals

Remote

Experienced Virtual Customer Care Professional - $40/Hour - blithequark

Remote

Experienced Remote Customer Service Representative – Delivering Exceptional Support and Shaping Outstanding Customer Experiences at Apple

Remote

Sales Estimator [REMOTE within Pacific Time Zone]

Remote

Entry Level Remote Data Entry Clerk and Research Participant Opportunity to Work from Home with Flexible Hours

Remote

Experienced Entry-Level Remote Data Entry Specialist – Launch Your Career with arenaflex in a Dynamic and Innovative Environment

Remote

HR Generalist/Recruiter

Remote

**Experienced Live Chat Customer Support Representative – Deliver Exceptional Real Estate and Private Equity Client Experience**

Remote

Data Entry Clerks-Earn $1700/ Week (Remote Work At Home)

Remote
← Back