Vendor Assessor

The Vendor Assessor (Third-Party Risk & Security), embedded within a major banking client, is responsible for performing comprehensive security, privacy, and technical risk assessments on third‑party vendors, cloud service providers, and external software suppliers before integration into the bank’s ecosystem.

• Conduct end‑to‑end cybersecurity and data privacy risk evaluations of third‑party vendors, reviewing SOC 2 reports, ISO certifications, penetration test results, and architecture diagrams.
• Verify compliance with financial services regulations, local banking authority guidelines, and internal information security standards.
• Identify security gaps during assessments, negotiate remediation plans with vendor security teams, and track open risks to closure or senior sign‑off.
• Produce detailed, defensible risk assessment reports and maintain an accurate ledger of third‑party risk profiles to s...