Vendor Risk Analyst

Bengaluru, Karnataka, India


Why We Stand Out

Seeking a new challenge where your professional and personal aspirations are not only possible but supported? Kaufman Rossin might be just the place for you!

As one of the top accounting firms in the country, our foundation is “people first”. In the words of James Kaufman, “We prioritize our people, their development, and their well-being. Our values are translated into action every day.”

Celebrated as the Best Place to Work in South Florida over a dozen times, Kaufman Rossin has grown to over 600 employees, with offices spanning the tri-county area, including sister entities Kaufman Rossin Wealth and Kaufman Rossin Alternative Investment Services.

The Firm is ranked 49 among the top 100 firms in the US by Inside Public Accounting 2023. Internationally, the Firm has offices in Bangalore and Haryana in India and the Ivory Coast in Africa.

Kaufman Rossin Professional Services Private Limited’s (the “Company”) offices are located in the World Trade Center (WTC) in Bangalore, Karnataka, India, and at the Unitech Cyber Park in Gurgaon, Haryana, India.

The Bangalore office provides a range of services, including risk management, corporate governance, tax, assurance, and family office services, while the Gurgaon office renders highly specialized back-office alternative investment services for global hedge funds and related fund types.

Think you have what it takes?

We're looking for a highly motivated, collaborative and technically experienced Third-Party Risk Analyst with the ability to understand and apply the Vendor Risk Assessment (VRA) processes. The successful candidate must be reliable, resourceful and have a "can-do" attitude. You will be a key member of our team and play an important role in applying the Vendor Risk Assessment framework. In this role you will be required to demonstrate the ability to analyze security risks, think outside the box and provide pragmatic solutions and recommendations. The Third-Party Risk Analyst will be involved in driving this process forward and measuring Vendor Risk Assessment process compliance.

Requirements

How You’ll Contribute:

• Perform new and recurring third-party risk assessments. Lead or assist with vendor risk assessment activities.

• Review third-party-provided audit reports and supporting collateral, e.g., SOC reports and other certifications, or third-party security whitepapers.

• Using platforms and/or ‘SIGs’ / ‘STIGs’, issue and review questionnaires completed by third parties describing their environment and controls.

• Collaborate with the Procurement Team and the other teams such as Security and Privacy.

• Work in a self-directed, collaborative, and constructive manner with our internal stakeholders.

• Work with vendors to address any remediation activities required following completion of the assessment.

What Skills You’ll Bring:

• A minimum of 2–3 years of hands-on experience in IT Security and/or Governance, Risk, and Compliance (GRC), specifically in managing or evaluating security controls within an organization.

• Recent working experience with at least two of the following compliance programs: ISO 27001, SOC2 / SOC1, PCI, SSAE18, HIPAA, FISMA/FedRAMP.

• Ability to understand the intent of compliance requirements to provide effective and meaningful analysis.

• Ability to communicate technical security risks to non-technical business stakeholders. Strong ability to influence or negotiate with stakeholders dealing with competing priorities. Excellent organization and time management skills to oversee simultaneously occurring projects, tasks, and deadlines.

• Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.

• Bachelor's degree preferred

• Prior experience of working in the Security and/or Compliance group.

• Relevant professional certifications such as CISSP, CISA, CISM, CIPP, GIAC, PMP.

• Excellent report writing skills, ability to prepare compliance reports and associated metrics.

How You'll Stand Out

• Excellent organization and time management skills to oversee simultaneously occurring projects, tasks, and deadlines.

• Effective Cross-Functional Communication & Influence

• Broad Compliance Framework Expertise

Benefits

• Work-Life Balance

• People First Company

• Hybrid work policy

• Working directly with peers in the US

We embrace authenticity. Kaufman Rossin is an equal-opportunity employer. We are committed to creating a culture that reflects the diversity of our firm and clients. We encourage understanding, acceptance, and celebration among all people. That includes lifestyle, education, experience, race, ethnicity, age, religion, physical ability, sexual orientation, and gender identity. Differences make unique varieties.


Tags: CIPP CISA CISM CISSP Compliance FedRAMP FISMA GIAC Governance ISO 27001 Privacy Risk assessment Risk management SOC SOC 1 SOC 2 STIGs

Region: Asia/Pacific
Country: India
