Senior Governance & Risk Analyst

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning bold ideas courage an d passion to drive life-changing impact to ZS.

Our most valuable asset is our people .

At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are and

make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.

The Senior Governance & Risk Administrator will serve as a key member of our IT Governance, Risk, and Compliance team, responsible for proactively identifying and mitigating risks, ensuring compliance with regulations, and enhancing our control framework. The role involves working closely with various stakeholders, analyzing security findings, and providing input into the development and maintenance of security risk scorecards. The candidate will also assist in the management of GRC tools and contribute to various risk governance-related initiatives and special projects.

What you'll do :

• Conduct Risk Assessments : Collaborate with the ZS stakeholders from IT, HR, Finance, Legal, etc. teams to perform risk assessments and identify potential threats and vulnerabilities in our IT infrastructure and third-party relationships.
• Third Party Risk Management (TPRM) : Develop, implement, and maintain effective TPRM processes, including third-party risk assessment, due diligence, and ongoing monitoring.
• Remediation Oversight : Assist in the management of remediation activities, including the development and monitoring of remediation plans for identified risks and vulnerabilities.
• Documentation and Reporting : Prepare comprehensive findings reports for various stakeholders, summarizing assessment results, remediation progress, and recommended actions, both internally and within the TPRM framework.
• Audit Support : Provide support during internal and external audits, assisting in audit planning, execution, communication, and reporting phases, with a specific focus on TPRM.
• Security Monitoring : Analyze findings from security monitoring systems, reviewing vulnerabilities for active and acceptable remediation plans, including third-party risks.
• Risk Mitigation : Collaborate with cross-functional teams to identify and proactively address potential gaps in security, especially in the context of third-party risks.
• GRC Tools : Assist in the management and maintenance of GRC tools, including configuration and reporting, with a focus on TPRM capabilities.
• Policy and Framework Compliance : Ensure that operational controls, including those related to third parties, are aligned with relevant control frameworks, standards, and regulatory requirements.
• Training and Awareness : Contribute to the development of information security training material and assist in conducting training sessions for relevant stakeholders, emphasizing TPRM best practices.
• Special Projects : Collaborate on various technology risk governance initiatives and other special projects as assigned, with a strong emphasis on TPRM improvements.
• Mentorship : Lead and mentor a team of Governance & Risk Analysts / Administrators to ensure efficient execution of risk assessment processes, risk treatment activities, and third-party risk management.

What you'll bring :

Perks & Benefits :

ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.

We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients / ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Travel :

Travel is a requirement at ZS for client facing ZSers business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.

Considering applying

At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above.

ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.

To Complete Your Application :

Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered.

Find Out More At : Skills Required

Ms Office, Rsa Archer, Iso 27001, it risk management