Senior GRC Analyst - Third Party Vendor Risk [Loc: Hyd]

About Opendoor

Founded in 2014, Opendoor's mission is to empower everyone with the freedom to move. We believe the traditional real estate process is broken and our goal is simple: build a digital, end-to-end customer experience that makes buying and selling a home simple, certain and fast. We have assembled a dedicated team with diverse backgrounds to support more than 100,000 homes bought and sold with us and the customers who have selected Opendoor as a trusted partner in handling one of their largest financial transactions. But the work is far from over as we continue to grow in new markets. Transforming the real estate industry takes tenacity and dedication. It takes problem solvers and builders. It takes a tight knit community of teammates doing the best work of their lives, pushing one another to transform a complicated process into a simple one. So where do you fit in? Whether you're passionate about real estate, people, numbers, words, code, or strategy -- we have a place for you. Real estate is broken. Come help us fix it.

• Evaluate third-party vendors' security posture and conduct risk assessments to identify potential vulnerabilities and threats to the organization.
• Ensure compliance with legal and regulatory requirements related to third-party contracts, including data protection, privacy, and security standards.
• Develop and implement a framework to continuously monitor third-party vendors' security performance, including regular audits and assessments.
• Collaborate with IT, Engineering, People, and Legal stakeholders to communicate security requirements, address concerns, and facilitate the resolution of security-related issues.
• Provide guidance and support to internal teams on third-party risk management best practices and procedures.
• Stay informed about industry trends, emerging threats, and regulatory changes related to third-party risk management, and incorporate relevant insights into risk mitigation strategies.

• Minimum of 4 years of experience in third-party risk management, vendor risk assessment, or related field.
• Demonstrated ability to evaluate third-party vendors' security posture and assess associated risks to the organization.
• Proven skill in establishing and maintaining effective relationships with third-party vendors to address security concerns and enforce security requirements.
• Experience in developing and implementing frameworks to continuously monitor third-party vendors' security performance.
• Excellent communication skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to identify and mitigate risks effectively.

• Management consulting experience is a big plus.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are preferred.