Analyst - Affiliate and Vendor Risk Management (100% Remote Throughout US)
Job Description The Role / Responsibilities
As an Analyst within the Affiliate and Vendor Management team, you will have the opportunity to engage in process improvement efforts, inspire innovation and help drive the affiliate/acquisition and vendor security review process and roadmap.
In the management of Moody's affiliates, the Analyst will be key in the integration and ongoing assessment of affiliate and acquisition security compliance and optimization to ensure these entities are in compliance with the broader MCO IT use policies and guidelines. If the affiliates are not properly aligned with the MCO policies and guidelines the candidate will drive initiatives to close gaps.
In the management of Moody's vendors, the Analyst will drive the due diligence, risk assessment, onboarding and continuous monitoring of Moody's vendors to ensure these entities are in compliance with MCO vendor security control guidelines. If the vendors are not properly aligned, the Analyst will drive initiatives to close gaps. The candidate will be key in helping integrate a new Vendor Management tool, establishing tool workflows, applying risk management assessment configurations and vendor liaison. The analyst will also help manage the software review process, to assess the risks associated with onboarding new products
The Analyst will also be empowered to identify opportunities to streamline process and leverage technology to ensure affiliates/acquisitions and vendors do not present unwarranted risk to the company. The Analyst will work closely with other information security teams including access management, architecture, incident management and business liaisons to ensure recommended initiatives are properly coordinated across the security landscape.
The ideal candidate will demonstrate extensive knowledge and a proven record of success in:
- Working with process-based, technology-enabled solutions that ensure vendors/affiliates meet required information security standards
- Demonstrating strong communications and influencing skills, interacting with different teams across the organisation and establishing relationships with affiliates and vendor contacts
- Experience with Vendor Risk Management toolsets (OneTrust experience preferred), including assessment using standardized collection templates (e.g. SIG questionnaires/SOC2 reports, etc.), configuration of risk assessment formulas, understanding of vendor risk reporting
- Proven organisational skills, the ability to work to strict deadlines when necessary and manage and prioritize deliverables from multiple sources
- Demonstrating high performance as a team player, working on a common vision, leveraging diverse views and encouraging improvement and innovation
- Bachelor's Degree in Finance, Computer Science, MIS or Business
- Minimum 2 years of program/process design and process improvement experience
- Demonstrated expertise with security, 3 rd party oversight,
- 3+ years of work experience in Finance Sector within IT, Finance, HR or Operations
- Excellent communication skills with respect to both technical and non-technical audiences at various levels of the organization
- Experience with data, reporting, analytics and automation practices & solutions
- Passion for end to end solutions and delighting the end user through effective listening and expectation management
Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion, national origin, citizen status, marital status, physical or mental disability, military or veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Moody's also provides reasonable accommodation to qualified individuals with disabilities in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email firstname.lastname@example.org. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.
For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance. For New York City positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the New York City Fair Chance Act. For all other applicants, qualified applicants with criminal histories will be considered for employment consistent with the requirements of applicable law.
Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.