Analyst, Third Party Risk Management

The role exists in the Global Governance, Risk & Compliance Department and reports to the Manager of Third Party Risk Management. The company’s Third Party Risk Management Program is responsible for providing Iron Mountain's Business Relationship Owners, Employees, and Senior Management with the tools and insight to successfully manage and understand the company’s Third Party Risk exposure. Members of the Third Party Risk team are primarily responsible for the review and assessment of risk mitigating controls of the new and existing suppliers utilized across the firm, as well as for utilizing the tools and processes necessary to appropriately communicate concerns to the business stakeholders. The position partners with various areas including Procurement, Supplier Relationship Management, Privacy & Compliance, Information Security, Disaster Recovery, Business Continuity and Third Party relationships globally.Key Responsibilities:• Report directly to the Manager of Third Party Risk Management for all things concerning the Third Party Risk Program, maintenance and administration• Liaise with internal Subject Matter Experts (SMEs) and assessors (reviewers) of external assessment and documentation• Assess the control practices and posture of new and existing Third Parties for Iron Mountain (global)• Publish news, M&A briefing and track all alerts regarding Third Party relationships in regards to Iron Mountain Critical and High Risk Vendors (utilizing industry standard, real time monitoring tools)• Support the production of monthly metrics and executive dashboards• Translate the results of assessment analysis and findings into business consumable format and deliver those results to business, procurement, legal and other teams to guide risk-based decisions• Support the evolution and continuous improvement of Third Party Risk Assessment processes, including the development and maintenance of procedures, artifacts, and metrics to be used in the assessment of potential and existing third parties• Analyze, design and implement business processes and requirements to ensure compliance with all applicable Iron Mountain policies and proceduresMinimum Education: 4 Year College DegreeMinimum Experience: 2-4 years experience in: risk management, procurement, information security, and/or utilizing large data setsPreferred Skills:• Ability to communicate risk management topics/ideas to varied business stakeholders• Foundational understanding of security and risk management controls and practices• Strong analytical, mathematical, problem solving mindset• Ability to analyze data, generate reports and executive dashboards• Familiarity with Shared Assessments SIG (Standard Information Gathering) toolkits• Knowledge of the Google Suite• Attention to detail• Ability to learn multiple applications and software#LI-remoteReasonably expected salary range: $71,300.00 - $89,100.00Category: Risk ManagementIron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers’ assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. Take a look at our history here .Iron Mountain helps lower cost and risk, comply with regulations, recover from disaster, and enable digital and sustainable solutions, whether in information management, digital transformation, secure storage and destruction, data center operations, cloud services, or art storage and logistics. Please see our Values and Code of Ethics for a look at our principles and aspirations in elevating the power of our work together.Requisition: J0078323