Senior Third-Party Risk Management Analyst

As a Senior Third-Party Risk Management Analyst, you will lead security-focused due diligence and ongoing oversight of third-party service providers, ensuring they align with Epic's security, privacy, and compliance standards. This role is critical in protecting Epic's ecosystem and will involve leading third-party risk assessments, performing due diligence on vendors, and managing periodic reassessments. You will also collaborate with stakeholders across the company to integrate third-party risk insights into broader enterprise risk initiatives.

Requirements

• 5+ years of experience in third-party risk management, information security, IT audit, or GRC
• Deep understanding of security risk assessment frameworks and best practices
• Proficiency in GRC platforms such as Archer, OneTrust, ServiceNow, or similar tools
• Excellent verbal and written communication skills
• Ability to influence and challenge stakeholders at all levels

Benefits

• 100% coverage of medical, dental, and vision premiums for you and your dependents
• 401k with competitive match
• Long Term Disability, Life Insurance
• Unlimited PTO and sick time
• Robust mental well-being program through Modern Health
• Paid sabbatical after 7 years of employment