Senior Third-Party Risk Analyst

Who we are :

Our life is a digital life, filled with streams of information flowing ceaselessly. Every click, every swipe, every interaction connects us.

But where does all that information go? Enter the world of data centers.

Data centers are experiencing once-in-a-generation demand growth, driven by cloud adoption and the AI revolution, Jon Gray, President & COO of Blackstone.

In the fast-paced world of data, QTS is dedicated to leading the industry in a thoughtful and intentional way. At QTS, we are Purpose Driven and moving communities forward.

At QTS, we believe that how we deliver our services is equally as important as the service we deliver. Our people play a vital role in our company’s culture, innovation and growth, and we are deeply committed to those who affect or are affected by our business.

Our people are knowledgeable, resourceful, innovative self-starters, and can accomplish great things when working together.

That is why QTS is Powered by People!

Who you are & the impact you will have :

The Senior Third-Party Risk Analyst (Advisor) serves as a subject matter expert across corporate third-party services and dependencies.

This role provides subject matter expertise, managing, and performing key functions necessary to satisfy requirements of the Third-Party Risk Management (TPRM) program, including program projects and strategic initiatives.

The Senior Third-Party Risk Analyst will be responsible for ensuring the TPRM platform is successfully adopted across the organization.

This role is accountable and responsible for providing expert risk analysis and information to business and risk management leadership.

Additionally, the advisor establishes rapport with risk management to support the company’s overall IT and security governance, risk management and compliance program with third-party vendors.

The role encompasses implementation and maintenance of our Third-Party platform and policies, as well as a comprehensive control framework with enterprise-wide Third-Party Risk Management.

Additionally, the advisor consults and provides input to the comprehensive list of organization third-party providers, applications, and services from the time of onboarding through termination.

The advisor ensures the company’s technical systems, data, intellectual property, and information assets are protected. Working closely with risk and security leadership, the advisor identifies, evaluates, and reports on information security risks so the business is aware and can act accordingly.

What you will do :

Build and foster a strong rapport and relationship across the enterprise to collaborate with key stakeholders including Procurement, Legal, Physical and Cybersecurity, Compliance, Privacy, Technology, and other business functions to identify, assess and design plans to mitigate and monitor risks associated with third parties

Support TPRM Program & platform development and ongoing maturation through updating standards, procedures, processes, internal controls, etc.

Generate and implement quality assurance standards, conduct vendor assessments, monitor program output (data, deliverables, etc.

and identify opportunities for improvement

Ensure required risk management activities and control weaknesses are identified prior to contract execution with third party provider, or appropriate risk acceptance is documented and approved in third-party risk platform

Monitor and evaluate the ongoing performance of third-party vendors in alignment with internal strategies, industry best practices, standard security frameworks, and regulatory guidance

Evaluate third party maturity using ISO, the Cybersecurity Maturity Model Certification, NIST, GDPR and other industry framework standards and best practices

Gather a full inventory of third parties and work on remediation and participate in change management process and data clean up in third-party platform and other systems

Conduct training on third-party platform to team members as needed, to drive standardization and consistency of Program execution

Complete research and analysis as needed to close Program gaps.

Create and deliver presentations on status updates of TPRM program / platform, ensuring transparency and accountability at all levels of the organization

Risk management culture : Supports the company’s commitment to risk management and protecting the integrity and confidentiality of systems and data

What you will need to be successful :

• Bachelor’s Degree Information Systems or Information Technology, Computer Science, Risk Management, or professional equivalency
• 3-5 years of work experience related to Third Party Management, vendor risk management, cyber risk management and / or procurement
• Strong understanding of regulatory requirements and industry best practices related to third-party / vendor risk management
• Knowledge of risks related to IT application development and infrastructure maintenance, IT security, business continuity and disaster recovery, emerging technology platforms (e.

g., AI), and cloud services.

• Project or Process management experience
• Excellent written and oral communication skills with experience writing policy and procedural documentation
• Experience with using GRC technologies, risk management, reporting tools, along with Microsoft software applications
• Ability to understand a variety of third-party risk systems and services, from new technologies to legacy systems.

The Perks (and these are just a few) :

• QRest Sabbatical
• Employee Stock Purchase
• QTS scholarship for dependents
• Eagle Club award trip eligibility
• Paid volunteer days
• Tuition assistance, parental leave and military leave assistance

We conform to all the laws, statutes, and regulations concerning equal employment opportunities and affirmative action. We strongly encourage women, minorities, individuals with disabilities and veterans to apply to all of our job openings.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, or national origin, age, disability status, Genetic Information & Testing, Family & Medical Leave, protected veteran status, or any other characteristic protected by law.

We prohibit retaliation against individuals who bring forth any complaint, orally or in writing, to the employer or the government, or against any individuals who assist or participate in the investigation of any complaint or discrimination claim.

The "Know Your Rights" Poster is included here :

The pay transparency policy is available here :

QTS is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to and let us know the nature of your request and your contact information.