opengreenhousehardyaka
Senior Analyst, Third Party Risk Management (TPRM)
Payoneer
LocationGurugram, India, India-Gurgaon
Last observed2026-06-13 05:23:40.546920
Job idhardyaka-payoneer:greenhouse:7647164
About Payoneer Founded in 2005, Payoneer is the global financial platform that removes friction from doing business across borders, with a mission to connect the world’s underserved businesses to a rising global economy. We’re a community with over 2,500 colleagues all over the world, working to serve customers, and partners in over 190 countries and territories. By taking the complexity out of the financial workflows–including everything from global payments and compliance to multi-currency and workforce management, to providing working capital and business intelligence–we give businesses the tools they need to work efficiently worldwide and grow with confidence. Role Summary The Third Party Risk Management (TPRM) function is responsible for establishing and operating the enterprise framework for identifying, assessing, and overseeing risks arising from third party relationships, including outsourced service providers, banking partners and other critical vendors. The function supports regulatory compliance, operational resilience, and sound risk governance across the full third party lifecycle. The Senior Analyst, Third-Party Risk Management is responsible for executing core third-party risk oversight activities across the vendor lifecycle, with a particular focus on due diligence execution, security assessment review, and portfolio monitoring. The role supports portfolio visibility, intake handling, and management reporting, and contributes to the improvement and automation of TPRM workflows through the use of data analytics and AI-enabled tooling. The role brings a technology and security risk lens to complement the team's existing capabilities across governance, operational resilience and vendor risk management. Primary Duty and Responsibilities Execute due diligence activities across the third-party lifecycle , including initial onboarding assessments, periodic reviews, and event-driven assessments for higher-risk and higher-tier vendors, ensuring assessments are complete, accurate, and decision-ready. Review and process vendor intake requests, ensuring completeness of information and correct classification and routing based on service characteristics, risk drivers, and technology profile. Perform structured reviews of v endor security assessment materials for higher-risk vendors, including SOC 2 reports, ISO 27001 certifications, security questionnaires, and control evidence, synthesizing findings into clear outcomes and required follow-up actions. Assess vendor security posture against relevant control frameworks (e.g., ISO/IEC 27001, SOC 2, NIST CSF) and document risk indicators, control gaps, and remediation requirements. Support the review and assessment of AI-related vendor risks, including model governance, data privacy, and AI-specific control considerations for vendors deploying AI in their products or services. Develop and maintain third-party portfolio reporting, dashboards, KPIs, and tracking outputs that provide management visibility into remediation progress, control gaps, vendor risk trends, and overall program status. Lead data analytics and reporting initiatives that improve the quality, structure, accuracy, and usability of TPRM portfolio data across the vendor lifecycle. Support the evaluation, implementation, and operationalisation of AI-enabled tools and automation workflows across TPRM processes, working closely with the program manager and Platform team. Identify opportunities to improve operational efficiency, consistency, and scalability through automation and AI-assisted review. Review and analyze vendor data, assessment outputs, contracts, and supporting documentation to identify inconsistencies, missing information, risk indicators, and opportunities for process improvement. Support identification and analysis of portfolio-level considerations, including vendor concentration, dependency indicators, technology risk exposure, and remediation trends. Maintain structured datasets, remediation track
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.