Third Party Risk Analyst at Procore Technologies

Austin, Texas, United States

Apply Now
Procore Technologies Logo
Not SpecifiedCompensation
Junior (1 to 2 years), Mid-level (3 to 4 years)Experience Level
Full TimeJob Type
UnknownVisa
TechnologyIndustries

Requirements

  • Bachelor’s degree and at least 5 years of direct experience in third party risk management, information security, or GRC
  • Direct experience conducting complex, end-to-end risk assessments, preferably in a fast-paced or regulated environment
  • Deep understanding of information security and data protection frameworks (e.g., NIST CSF, ISO 27001, SOC 2) and regulations (e.g., GDPR, CCPA, EU AI ACT)
  • Strong knowledge of different data and system risk types and a proactive approach to risk mitigation
  • Hands-on experience with a TPRM platform like OneTrust, including customizing workflows and managing automations
  • Exceptional communication and presentation skills, with the ability to interact effectively with stakeholders at all levels
  • Critical thinking with strong analytical and problem-solving abilities
  • Proven ability to work independently, take ownership of tasks, and prioritize effectively in a dynamic environment
  • Preferred: Familiarity with data analysis and visualization tools like Power BI to support data-driven decisions

Responsibilities

  • Execute the TPRM Process: Conduct comprehensive risk assessments on third parties including analysis of appropriate security controls, contract requirements, and compliance documentation, gathering necessary information directly from third parties
  • Identify Critical Systems and Assets: Partner with technical and business teams to map sensitive data and critical systems, categorize third parties to guide reassessment, and identify processor/sub-processor relationships
  • Contribute to Program Development: Help shape and refine TPRM policies and procedures, looking for ways to improve efficiency, including the use of automation and AI
  • Support Contracting: Work with legal and procurement teams to include security and data protection requirements in contracts
  • Maintain Accurate Records: Accurately document all assessment activities, findings, and mitigation efforts in the TPRM platform (OneTrust)
  • Provide Operational Support: Guide business owners and third parties through the TPRM process, answering questions and providing a smooth experience
  • Monitor and Report: Support ongoing monitoring of third parties and contribute to recurring reports on the program's health and effectiveness

Skills

Key technologies and capabilities for this role

TPRMRisk AssessmentsOneTrustSecurity ControlsCompliance DocumentationVendor Due DiligenceOngoing MonitoringContract RequirementsData ProtectionAutomationAI

Questions & Answers

Common questions about this position

What experience is required for the Third Party Risk Analyst role?

A Bachelor’s degree and at least 5 years of direct experience in third party risk management, information security, or GRC are required, including direct experience conducting complex, end-to-end risk assessments, preferably in a fast-paced or regulated environment.

Is this Third Party Risk Analyst position remote or on-site?

The position is on-site.

What technical knowledge is needed for this role?

A deep understanding of information security and data protection frameworks such as NIST CSF, ISO 27001, SOC 2, and regulations like GDPR, CCPA, EU AI ACT is required, along with strong knowledge of different data and system risk types.

What platform experience is required for the TPRM Analyst position?

Hands-on experience with a TPRM platform like OneTrust is required, including customizing workflows and managing automations.

What skills make a strong candidate for this Third Party Risk Analyst role?

Exceptional communication and presentation skills to interact effectively with stakeholders at all levels, along with critical thinking, a proactive approach to problem-solving, and the ability to work independently are key.

Procore Technologies

Construction management software for project efficiency

Website

About Procore Technologies

Procore Technologies provides construction management software that helps streamline and improve the efficiency of construction projects. Its platform includes a variety of tools that assist with different stages of construction, such as prequalification, bid management, estimating, quality and safety management, design coordination, and Building Information Modeling (BIM). This software allows construction teams to enhance communication and visibility between field and office operations, which helps ensure projects are completed on time and within budget. Procore stands out from its competitors by offering a comprehensive all-in-one solution and personalized support services, including training and resources tailored to the specific needs of different clients. The company's goal is to be a trusted partner for construction professionals worldwide, enabling them to successfully manage their projects and adapt to industry trends.

Carpinteria, CaliforniaHeadquarters
2003Year Founded
$552.3MTotal Funding
IPOCompany Stage
Industrial & Manufacturing, Enterprise SoftwareIndustries
1,001-5,000Employees

Benefits

Hybrid Work Options
Professional Development Budget

Risks

Increased competition from new entrants like OpenSpace could challenge Procore's market position.
Dependency on FYLD integration may pose risks if FYLD's platform encounters issues.
Adoption challenges or technical issues with Procore AI Solutions could impact user satisfaction.

Differentiation

Procore offers a comprehensive suite covering all construction stages, from preconstruction to closeout.
The platform integrates BIM and AI solutions, enhancing project management and safety.
Procore's global reach with over 1,000,000 projects in 125 countries sets it apart.

Upsides

Procore's AI solutions aim to boost efficiency and safety in construction management.
The FYLD integration resulted in a 12% productivity gain, enhancing field-office connectivity.
Investment by LMR Partners LLP indicates strong confidence in Procore's growth potential.

Related Jobs

United States
Remote iconRemote

Senior Risk Analyst

Signifyd
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
San Antonio
Remote iconRemote

Third-Party Cyber Risk Manager

Humana
Salary not specified
Remote
Remote iconRemote

Senior Compliance Analyst

Earnest
Salary not specified
  • Employment type iconFull Time
  • Experience level iconJunior (1 to 2 years)
Canada
Remote iconRemote

Security Analyst

Qualified.com
$130,000 - $145,000/year
  • Employment type iconFull Time
  • Experience level iconJunior (1 to 2 years)
United States
Remote iconRemote

Senior Compliance Specialist

Wisk
Salary not specified
United Kingdom +5 more
Remote iconRemote

Senior Risk Analyst - Enterprise Risk Management

Deel
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Remote
Remote iconRemote

Sr. Information Security Analyst

Valon
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)

Land your dream remote job 3x faster with AI

Try Jobo Free