Third Party Risk Analyst

About Ping Identity:

At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. We call this digital freedom. And it's not just something we provide our customers. It's something that inspires our company. People don't come here to join a culture that's built on digital freedom. They come to cultivate it.

Our intelligent, cloud identity platform lets people shop, work, bank, and interact wherever and however they want. Without friction. Without fear.

While protecting digital identities is at the core of our technology, protecting individual identities is at the core of our culture. We champion every identity. One of our core values, Respect Diversity, reminds us to celebrate differences so you are empowered to bring your authentic self to work.

We're headquartered in Denver, Colorado and we have offices and employees around the globe. We serve the largest, most demanding enterprises worldwide, including more than half of the Fortune 100. At Ping Identity, we're changing the way people and businesses think about cybersecurity, digital experiences, and identity and access management.

As a Third Party Risk Analyst, you will work as part of Ping Identity’s Security Team to assess its third parties’ risk and security posture by engaging in vendor and supplier assessments and audits, working with internal teams and business owners to understand, document and implement third party technology securely, and in accordance with corporate policy. You will track vendor performance against security obligations and highlight identified risk to relevant stakeholders. You will work closely with Ping Identity’s Procurement, Legal and data privacy functions to review vendor practices for security and privacy. You will be focused on improving and streamlining the third party risk assessment process, whilst ensuring that due diligence is performed.

You will:

• Perform regular, thorough risk assessments of new and existing vendors;
• Maintain accurate and complete records of all vendor risk assessments and engagements;
• Support the security audit function;
• Support the security risk management function;
• Help manage the vendor risk assessment platform, working with system owners to streamline the assessment process;
• Collaborate with relevant stakeholders to drive continuous improvement of the end-to-end third party risk management process.
• Own the relationships between security, stakeholders and business owners.
• Define vendor and supplier assessment procedures and frameworks in accordance with corporate policy;
• Evaluate vendor and supplier compliance with contractual, regulatory and compliance requirements.

You have:

• 3+ years of experience in a third party risk-based role in the information technology field.
• Understanding of effective security controls at the systems, network, and application level and how to apply with cloud-based services.
• Experience with security risk management frameworks.
• Excellent communication skills (interpersonal and written)
• Knowledge of industry standard security control frameworks and guidelines.

You have an advantage if you have:

• A good understanding of industry standard security frameworks (ISO 27001, SOC 2 etc.)
• Relevant industry qualifications (e.g. CTPRP)

Education Requirements:

• Bachelor's Degree in business or computer science related field or equivalent experience

Life at Ping:

We believe in and facilitate a flexible, collaborative work environment. We’re growing quickly, but remain true to the innovative, can-do startup values that got us here. Most importantly, we keep hiring talented, smart, fun, and genuinely nice people because that’s who we want to succeed with every day.

Here are just a few of the things that make Ping special:

• A company culture that empowers you to do your best work.
• Employee Resource Groups that create a sense of belonging for everyone.
• Regular company and team bonding events.
• Competitive benefits and perks.
• Global volunteering and community initiatives

Our Benefits:

• Generous PTO & Holiday Schedule
• Parental Leave
• Progressive Healthcare Options
• Retirement Programs
• Opportunity for Education Reimbursement
• Commuter Offset (Specific locations)

Ping is the collective sum of all our individual experiences, backgrounds and influences and we pride ourselves in growing and learning together. We are committed to building an inclusive and diverse environment where everyone’s individuality is respected and everyone has an Identity. In recruiting for new colleagues, we welcome the unique contributions you can bring and encourage you to be your best self.

We are an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.