Third-Party Risk Analyst (Hybrid)

Location: Petaling Jaya, Selangor

Job Descriptions:

• Assess and manage risks related to operations, finance, cybersecurity, and privacy.
• Conduct due diligence checks, including Third Party Questionnaire (TPQ) reviews, financial screenings, and follow-up remediation actions.
• Use tools like Aravo and D&B Risk Analytics for conducting Financial Due Diligence (FDD) and logging findings.
• Review risk scorecards and data to support decision-making.
• Prepare clear reports, risk acceptance notes, and documentation.
• Work closely with Procurement, Legal, and Risk teams on mitigation plans and contract-related matters.
• Communicate with third parties and internal teams throughout the assessment process.
• Help train new assessors and guide privacy and IRQ/TPQ matters.
• Support audit and compliance activities and stay updated on regulatory requirements.
• Use cybersecurity and privacy knowledge to evaluate third-party risks effectively.

Job Requirements:

• Bachelor’s degree in Risk Management, Cybersecurity, Business Administration, or a related field.
• At least 3 years of experience in risk assessment, audit, operational risk, or compliance roles.
• Knowledge of audit processes and regulatory compliance frameworks relating to third-party risk and data protection.
• Understanding of cybersecurity risk methodologies, privacy regulations, and information security standards.
• Proficiency with risk assessment tools such as Aravo and D&B Risk Analytics.
• Relevant certifications such as CISA, CRISC, or CIPP/E are an added advantage.

Others Information:

For those who have what it takes, please send in resume to: Recruitment Consultant : Lara Email : lara@brightprsopect.com.my