Third Party Risk Management Analyst - USDS

Other responsibilities include:
- Coordinating between USDS TPRM, Procurement, and Legal operations about vendor lifecycle management, contract clauses verification and compliance assessment procedures
- Technical writing and communication between cross-functional teams and Non-USDS lines of business
- Validating vendor compliance screening assessments
- Reporting vendor security risk assessments for authorized and rejected vendors
- Coordinating between USDS Risk Management, Global Security Organization, and other applicable internal teams on unresolved findings and vulnerability management
- Enhancing USDS TPRM standard operating procedure as it pertains to emerging threats and USDS Vendor Program policy requirements
- Validating security standard controls and audits as applicable to the overall USDS TPRM program and process
- Managing assessment lifecycles and dashboard reporting
- Coordinating and executing assessments for site visit assessments (physical and remote) and reporting related to TikTok USDS data centers and Content Delivery Networks (CDNs)

Qualifications

Minimum Qualifications
- Bachelor's degree in risk management or equivalent privacy, security, compliance, project management, or like discipline from an accredited college
- 3+ years of third party risk management or related security experience
- Fundamental understanding of Third Party Risk Management and direct experience partnering with Procurement and Legal functions
- Technical writing and verbal communication skills that enable executive reporting on Third Party Risk metrics
- Findings and vulnerability management experience related to the resolution and/or remediation of web vulnerabilities, bugs, and cybersecurity vulnerabilities
- Critical thinking and analytical decision making skills to forecast issues, events and/or risks pertaining to TPRM

Preferred Qualifications
- Supply Chain risk management experience related to software and hardware solutions/tooling to include but not limited to Bill of Materials (BOM) analysis
- Contract clause verification pertaining to security, privacy and business resilience controls
- Experience implementing vendor lifecycle procedures including Onboarding, Ongoing Monitoring and Offboarding requirements
- Experience with TPRM incident event management, policy development, enhancement and awareness
- Experience with OFAC Sanctions and foreign ownership compliance assessments

Job Information

[For Pay Transparency] Compensation Description (annually)

The base salary range for this position in the selected city is $98800 - $146400 annually.

Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work, and this role may be eligible for additional discretionary bonuses/incentives, and restricted stock units.

Benefits may vary depending on the nature of employment and the country work location. Employees have day one access to medical, dental, and vision insurance, a 401(k) savings plan with company match, paid parental leave, short-term and long-term disability coverage, life insurance, wellbeing benefits, among others. Employees also receive 10 paid holidays per year, 10 paid sick days per year and 17 days of Paid Personal Time (prorated upon hire with increasing accruals by tenure).

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.

For Los Angeles County (unincorporated) Candidates:

Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Our company believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment:

1. Interacting and occasionally having unsupervised contact with internal/external clients and/or colleagues;

2. Appropriately handling and managing confidential information including proprietary and trade secret information and access to information technology systems; and

3. Exercising sound judgment.

Client-provided location(s): New York, NY

Job ID: TikTok-7559561583597472007

Employment Type: OTHER

Posted: 2025-10-11T20:19:09