Senior Analyst - Third Party Technology

Posted 9 Days Ago
Be an Early Applicant
Pine Cove East, UT, USA
In-Office
Senior level
Fintech • Payments • Financial Services
The Role
Lead third-party technology risk assessments, due diligence, and continuous monitoring of vendor security and compliance. Develop vendor risk scoring, support incident management, review contractual controls, contribute to policies and frameworks, engage stakeholders, assist audits, and support Group CISO and cyber strategy deliverables.
Summary Generated by Built In

The Apex Group was established in Bermuda in 2003 and is now one of the world’s largest fund administration and middle office solutions providers.

Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide.Your career with us should reflect your energy and passion.

That’s why, at Apex Group, we will do more than simply ‘empower’ you. We will work to supercharge your unique skills and experience.

Take the lead and we’ll give you the support you need to be at the top of your game. And we offer you the freedom to be a positive disrupter and turn big ideas into bold, industry-changing realities.

For our business, for clients, and for you

Job Description:

Third Party Technology Assurance – Senior Associate.          

Location:- Pune, Viman Nagar.

Position Overview

A Third-Party Technology Assurance Analyst plays a critical role in safeguarding an organisation’s technology landscape by managing and assessing the risks associated with third-party vendors and service providers. The analyst proactively analyses, monitors, and assures the compliance, security, and operational effectiveness of external technology services upon which the organisation relies. This position is vital in a world where organizations increasingly depend on external partners for software, cloud infrastructure, and data processing, making assurance and oversight of third parties a top priority for operational resilience and regulatory compliance.

Key Responsibilities
  • Third Party Risk Assessments: Conduct comprehensive risk assessments of third-party technology vendors and service providers. Evaluate security postures, technical controls, and compliance with organizational and regulatory requirements before onboarding and throughout the partnership lifecycle.
  • Due Diligence Activities: Lead and support due diligence efforts by gathering, reviewing, and analyzing documentation such as SOC1/SOC2 reports, ISO certifications, data protection agreements, GDPR and other compliance artefacts.
  • Ongoing Monitoring: Continuously monitor third party technology services for changes in risk profile, compliance status, or incidents. Maintain updated records and risk ratings and ensure periodic re-assessment in line with organizational policies.
  • Vendor Risk Scoring & Reporting: Develop and update risk scoring models for technology vendors. Produce regular management reports and dashboards highlighting risk trends, non-conformities, and remediation progress.
  • Incident Management: Participate in the identification, escalation, and remediation of incidents involving third party technology services. Coordinate with internal stakeholders to ensure effective response and lessons learned.
  • Contractual Control Reviews: Review and advise on contract terms with technology vendors, ensuring that security, confidentiality, and compliance clauses are embedded and enforceable.
  • Policy & Framework Development: Contribute to the development, maintenance, and enhancement of third-party risk management policies, standards, and guidelines aligned with best practices (e.g., NIST, ISO 27001, SOC 1, SOC 2, DORA, GDPR, NCA).
  • Stakeholder Engagement: Work closely with procurement, legal, information security, compliance, and business teams to build awareness and understanding of third-party risks and controls.
  • Audit Preparation & Support: Assist in the preparation for internal and external audits related to third-party technology risk. Provide evidence, documentation, and subject matter expertise as required.
  • Market Intelligence: Stay current with emerging risks, regulatory changes, and best practices in third-party technology risk and assurance.
  • Execute delegated tasks as deemed appropriate by the Group CISO and other empowered Group Cyber leadership authorities, ensuring timely and effective completion in alignment with organizational priorities.
  • Support the Group Cyber Strategy end-to-end, driving alignment of all activities, decisions, and deliverables with strategic objectives and business outcomes.
  • Need to meet delivery of all requirements from Group Chief Information Security Officer (CISO)
  • Need to meet delivery of all requirements of Group or Cyber Strategy
  • Support the wider CISO function with GRC and Outsourcing requirements, where needed
Required Skills and Qualifications
  • Education: Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Risk Management, or related field. Professional certifications (e.g., CISA, CISM, CRISC, CISSP) are highly desirable.
  • Experience: 6+ years of experience in technology risk management, third party security assessments, or audit/assurance roles, preferably within financial services, healthcare, or other regulated industries.
  • Technical Knowledge: Understanding of IT infrastructure, cloud architecture, SaaS platforms, and data protection frameworks. Familiarity with common security controls and risk management methodologies.
  • Regulatory Awareness: Solid knowledge of relevant regulations and standards (e.g., GDPR, HIPAA, SOX, PCI DSS, NIST, ISO 27001).
  • Analytical & Problem Solving: Strong analytical skills to identify, assess, and mitigate complex technology risks. Ability to evaluate large amounts of information and make informed recommendations.
  • Communication: Excellent verbal and written communication skills for preparing reports, presenting findings, and influencing stakeholders at all organizational levels.
  • Organizational Skills: Demonstrated ability to manage multiple priorities, meet deadlines, and adapt in a fast-paced environment.
  • Attention to Detail: High degree of accuracy and attention to detail in reviewing documentation and risk artefacts.
  • Collaboration: Effective team player with a proactive approach to cross-functional projects and initiatives.
  • Continuous Learning: Eagerness to stay abreast of technological advancements, threat landscapes, and evolving assurance techniques.
Desirable Skills and Competencies
  • Automation and Tooling: Experience with third-party risk management platforms, GRC (Governance, Risk, and Compliance) tools, and automation of risk assessment processes.
  • Project Management: Familiarity with project management methodologies and the ability to drive assurance initiatives from inception to completion.
  • Innovation: Ability to recommend and implement process improvements to increase the efficiency and effectiveness of third-party risk management activities.
  • Negotiation: Confidence in negotiating with vendors to achieve favorable assurance and compliance terms.
  • Presentation Skills: Experience delivering risk-related findings and assurance updates to senior management, boards, or external regulators.
Reporting Line

Typically reports to: Head of Technology Assurance

Disclaimer: Unsolicited CVs sent to Apex (Talent Acquisition Team or Hiring Managers) by recruitment agencies will not be accepted for this position. Apex operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our exclusive recruitment partners.

Skills Required

  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Risk Management, or related field
  • 6+ years experience in technology risk management, third-party security assessments, or audit/assurance roles (preferably in financial services or regulated industries)
  • Familiarity with IT infrastructure, cloud architecture, and SaaS platforms
  • Knowledge of data protection frameworks and relevant regulations (GDPR, HIPAA, SOX, PCI DSS)
  • Experience reviewing SOC1/SOC2 reports and ISO certifications and performing due diligence
  • Strong analytical, verbal and written communication, and stakeholder engagement skills
  • Professional certifications such as CISA, CISM, CRISC, or CISSP
  • Experience with GRC tools or third-party risk management platforms and automation of assessments
  • Project management, negotiation, and presentation experience delivering findings to senior management

Apex Group Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Apex Group and has not been reviewed or approved by Apex Group.

  • Flexible Benefits Flexible benefits are positioned as being tailored by country, with localized packages and perks that can differ by jurisdiction. Mobility options such as the JUMP program add a non-cash element that can increase the perceived total rewards value for those who can access it.
  • Wellbeing & Lifestyle Benefits Wellbeing support is described as including EAPs, mental-health workshops, mentoring support, and local lifestyle perks like gym or cycle-to-work schemes. These offerings broaden the benefits mix beyond purely financial rewards.
  • Retirement Support Retirement support is described in at least one jurisdiction as including an employer match structure and an additional automatic contribution after tenure. This can strengthen the non-salary portion of total compensation where offered.

Apex Group Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
7,423 Employees
Year Founded: 2003

What We Do

We are a single-source financial solutions provider dedicated to driving positive change while supporting the growth and ambitions of asset managers, allocators, financial institutions, and family offices around the world. Established in Bermuda in 2003, we have continually disrupted the industry through our investment in innovation and talent. Today, we set the pace in fund and asset servicing and stand out for our unique single-source solution and unified cross asset-class platform which supports the entire value chain, harnesses leading innovative technology, and benefits from cross-jurisdictional expertise delivered by a long-standing management team and over 13,000 highly integrated professionals. As a pioneering data and fintech-enabled company, we are a disruptor driving digital tools into fund and asset servicing. However, our vision to drive positive change extends beyond the industry. The Apex Foundation, a not-for-profit entity, is our passionate commitment to empower sustainable change

Similar Jobs

AMP Logo AMP

Director, Commercial Origination & Business Development

Artificial Intelligence • Computer Vision • Greentech • Machine Learning • Robotics • Industrial • Automation
Easy Apply
Remote or Hybrid
United States
175 Employees

PNC Bank Logo PNC Bank

Software Engineer

Machine Learning • Payments • Security • Software • Financial Services
Remote or Hybrid
USA
55000 Employees
88K-203K Annually

Wipfli Logo Wipfli

Manager, Financial Reporting - Nonprofit Clients

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote or Hybrid
United States
3000 Employees
97K-145K Annually

Wipfli Logo Wipfli

Senior Engineer

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote or Hybrid
United States
3000 Employees
88K-118K Annually

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account