Risk Analyst – Vendor Risk and Compliance needed at OnePyramid

Job title : Risk Analyst – Vendor Risk and Compliance

Job Location : Lagos

Deadline : June 15, 2024

Position Overview:

  • We are seeking to hire a talented Risk Analyst with expertise in IT, Supply Chain, or Cybersecurity to join our team.
  • The ideal candidate will be responsible for assessing vendor risk and compliance with security standards, ensuring alignment with organizational objectives and regulatory requirements.
  • The candidate will play a critical role in identifying, analyzing, and mitigating risks associated with vendor relationships, contributing to the overall security and resilience of our organization.


  • Conduct comprehensive assessments of vendor risk and compliance with security standards, including evaluation of security controls, policies, and procedures.
  • Collaborate with cross-functional stakeholders to define risk assessment criteria, methodologies, and scoring frameworks, ensuring consistency and accuracy in risk analysis.
  • Evaluate vendor contracts, agreements, and service level agreements (SLAs) to identify security requirements and compliance obligations.
  • Analyze vendor security documentation, such as security questionnaires, assessments, and audit reports, to assess the adequacy and effectiveness of security measures.
  • Identify gaps, vulnerabilities, and areas of non-compliance with security standards, and develop risk mitigation strategies and remediation plans.
  • Communicate findings and recommendations to key stakeholders, including senior management, procurement teams, and vendor management offices.
  • Monitor and track vendor risk remediation activities, ensuring timely resolution of identified issues and compliance gaps.
  • Stay abreast of industry trends, regulatory changes, and emerging threats in IT security and supply chain risk management, and provide insights and recommendations to enhance organizational resilience.


  • Bachelor’s degree in Information Technology, Computer Science, Business Administration, or related field. Master’s degree preferred.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification preferred.
  • Minimum of 4+ years of experience in risk management or vendor management roles, with a focus on IT security, supply chain, or cybersecurity.
  • Strong understanding of security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, and GDPR.
  • Experience conducting risk assessments, security audits, and compliance reviews for vendors and third-party service providers.
  • Proficiency in risk assessment tools and methodologies, such as risk matrices, heat maps, and risk scoring models.
  • Excellent communication and interpersonal skills, with the ability to effectively engage and influence stakeholders at all levels of the organization.
  • Strong analytical and problem-solving abilities, with a demonstrated track record of identifying and mitigating security risks and compliance issues.

Tools and Technologies:

  • Risk Assessment Tools (e.g., RSA Archer, OneTrust, etc.)
  • Vendor Risk Management Platforms (e.g., BitSight, RiskRecon, etc.)
  • Security Questionnaire Tools (e.g., Shared Assessments, SIG Questionnaire, etc.)
  • Document Management Systems (e.g., SharePoint, Confluence, etc.)
  • Microsoft Office Suite (Word, Excel, PowerPoint, Outlook)

How to Apply for this Offer

If you are passionate about this role, send your resume to jobs@onepyramid.com
