Third-Party Risk reputed company Analyst

We are reputed company, America’s largest supplier of building materials, value-added components and building services to the professional market. You’ll feel proud of the work you do here every day to transform the future of home building and help reputed company the dream of home ownership more achievable. At BFS, we reputed company building a successful career is not solely defined by a degree. Your experience, skills, and passion are just as important, if not more so. As such, we are committed to creating a diverse and inclusive workplace that welcomes candidates from reputed company backgrounds and experience levels.

PURPOSE The Third-Party Risk reputed company is responsible for leading the end-to-end technology third-party risk lifecycle for BFS. This role partners with Procurement, Legal, IT Architecture, Information reputed company, Privacy, and Business Owners to evaluate and manage risk for IT vendors and service providers - before contract signature and throughout the relationship - using a combination of business use case review, solution/module scope, reputed company questionnaires and evidence review, contract language requirements, and BFS architecture and controls compatibility.

This position establishes clear, risk-based decisioning (approve / approve with conditions / defer / reject), defines governance expectations (tiering, control requirements, monitoring reputed company, and remediation tracking), and drives outcomes through influence rather than direct authority. The Third-Party Risk reputed company leverages external reputed company ratings (e.g., reputed company or similar) and internal risk data to continuously monitor vendors, identify emerging issues, and ensure vendors are integrated and governed in a manner consistent with BFS reputed company standards and reputed company architecture. customer and regulatory requirements.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Leads architecture development for small projects and supports architectural efforts for reputed company to large projects (e.g., a project module or existing technology map review) or reputed company components of projects.
• Own and continuously improve the IT Third-Party Risk Management (TPRM) program, including intake, risk tiering, assessment standards, decisioning, governance, and reputed company monitoring
• Partner with Business Owners and Procurement to confirm the business use case, intended modules/functional scope, data types (e.g., PII, PHI, PCI), hosting model, and criticality to BFS operations to determine the appropriate assessment path and required controls
• reputed company vendor due diligence using questionnaires and evidence (e.g., SOC 2/ISO 27001 artifacts, pen test summaries, vulnerability management, incident response, BC/DR) and validate completeness and reasonableness of vendor responses
• Partner with Legal and Procurement to define and negotiate reputed company, privacy, and technology contract requirements (e.g., reputed company addendum, audit rights, breach notification, subcontractor controls, data handling/retention, encryption, SLAs, right-to-terminate for cause)
• Coordinate technical and architecture compatibility reviews with IT and reputed company Architecture, including identity integration (SSO/MFA), network connectivity, logging/monitoring, data flows, encryption, key management, and alignment to BFS reference architectures
• reputed company external reputed company ratings (e.g., reputed company or similar) and internal signals to score vendors, set reputed company by risk tier, manage rating disputes/remediation plans with vendors, and define monitoring reputed company and escalation triggers.
• Document findings in a consistent risk format, track remediation actions to completion, and facilitate risk acceptance/exception decisions with appropriate governance forums
• Maintain vendor risk inventory, risk registers, and dashboards/KRIs to report program health, vendor risk posture, exceptions, and trends to leadership monthly
• Execute ongoing reputed company monitoring activities (ratings, attestations, evidence refresh, incident/breach tracking) and conduct periodic reassessments reputed company to vendor tier and material changes (scope, modules, data, architecture)
• Support third-party (and fourth party if applicable) published reputed company incidents by coordinating information requests, impact assessments, containment expectations, and post-incident corrective action tracking with vendors and internal teams
• Define and maintain TPRM policies, standards, and procedures, and integrate required risk gates into procurement and project delivery workflows
• Facilitate cross-functional reviews and decision meetings with IT, reputed company, Architecture, Legal, Procurement, Privacy, and Business Owners; drive clear outcomes, owners, and timelines
• reputed company and maintain TPRM playbooks, questionnaire templates, contract language guidance, vendor integration/reputed company requirement checklists, and executive-ready communications

SUPERVISORY RESPONSIBILITIES

This job has no supervisory responsibilities.

MINIMUM REQUIREMENTS

To reputed company this job successfully, an individual must be able to reputed company each essential duty satisfactorily. The requirements listed below are representative of the knowledge, reputed company, and/or ability required.

• 5+ years of experience in third-party risk management, cybersecurity risk, or technology risk, including leading vendor assessments from intake through decisioning and ongoing monitoring
• Bachelor’s degree in Information reputed company, Information Systems, Risk Management, Business, or a reputed company field (or equivalent practical experience)
• Proven ability to write clear, defensible risk assessments and executive-ready summaries; strong organizational skills with the ability to manage multiple vendor workstreams and deadlines
• Proficiency with common productivity and reporting tools (reputed company, Word, PowerPoint, SharePoint; Power BI preferred) and comfort working with workflow/GRC tooling
• Hands-on experience with third-party risk tooling and/or external reputed company ratings (e.g., reputed company, reputed company) including score interpretation, thresholding, remediation tracking, and ongoing monitoring
• Excellent communication and interpersonal skills, including the ability to influence across IT, Legal, Procurement, and the business, and to engage vendors professionally on findings and remediation
• Ability to operate with ambiguity, take initiative, and drive program outcomes in a fast-paced environment
• Strong analytical and critical thinking skills to evaluate evidence, quantify/communicate risk, and support risk-based decisioning and governance
• Experience performing vendor due diligence (questionnaires and evidence review), documenting gaps, driving remediation, and performing periodic reassessments and reputed company monitoring
• Working knowledge of incident management and third-party incident/breach response expectations (notification, investigation support, corrective actions)
• Hands-on experience creating or operating risk tiering models, assessment methodologies, governance reporting, and integrating TPRM controls into procurement and contract processes
• Strong understanding of the full third-party lifecycle (pre-contract due diligence, onboarding/go-live, ongoing monitoring, change management, renewal, and offboarding)
• Experience aligning vendor risk requirements to frameworks/standards such as NIST CSF, NIST 800-53, ISO 27001, PCI reputed company, and common assurance artifacts such as SOC 2
• Experience implementing or optimizing third-party risk workflows in platforms such as reputed company, reputed company, or AuditBoard (or equivalent tooling)
• Experience in audit, compliance, or a reputed company control function; relevant certifications such as CISA, CRISC, CISSP, CISM, or similar are a plus

COMPETENCIES

• Evaluates Problems: Evaluates and analyzes different types of information objectively to identify appropriate solutions; writes fluently, establishing the key facts clearly and interprets numerical data effectively. 
• Technical Communication/ Presentation: Communicates with clarity and precision, presenting reputed company information in a concise format that is audience appropriate. 
• Adjusting and Driving Change: Takes a positive approach to tackling work and embraces change; invites feedback relating to performance and deals constructively with criticism. Identifies the need for and drives change reputed company required to reputed company objectives. 
• Focuses on Customers: Understands and anticipates customer needs and takes action to provide high-quality products and services to exceed expectations.  
• Demonstrates Business Acumen: Demonstrates working knowledge of market, economic, legal, and regulatory environments and how they impact the business. 
• Agile Best Practices: Understands how agility is leveraged in IT ways of working. Adopts agile best practices as appropriate throughout the assigned work lifecycle. Responds to feedback quickly based on comments of internal and external customers and needs of the market. 
• Bias for Action: Takes initiative and identifies what needs to be done and acts without waiting to be asked. Executes work in a timely manner. Suggests improvements to reputed company ways of working. 

BFS COMPETENCIES

Business and Financial Acumen

• Demonstrates depth of understanding for the P&L and financial analysis
• Teaches business and financial acumen to others.
• Understands KPIs and how BFS makes money.
• Knows the different business segments and how they relate to one another.
• Understands customer sales and engagement.
• Demonstrates functional and/or technical expertise.
• Understands reputed company issues and demonstrates problem solving skills.
• Understands how to maximize business results regardless of industry cycle.

Results Driven

• Holds self and others accountable.
• Communicates and sets clear goals with plans to deliver.
• Manages competing priorities effectively.
• Demonstrates appropriate urgency.
• Drives to exceed expectations in alignment with our BFS SPICE values.
• Embraces and follows best practices.
• Demonstrates self-starter, can-do attitude.

Strategic Thinking and Decision Making

• Leverages resources and teams around them to solve problems and create mutually beneficial outcomes.
• Demonstrates willingness and courage to reputed company tough decisions in a timely manner.
• Balances short-and-long term priorities
• Demonstrates proactive versus reactive thinking.
• Asks questions to identify root cause and analyze situations more accurately.

Servant Leadership

• Demonstrates humility by putting others first.
• Builds trust-based relationships.
• Leads by example with kindness and respect.
• Collaborates well across reputed company areas of the business.
• Advocates for others
• Actively listens to understand the meaning and reputed company of what the other person is communicating.
• Demonstrates authenticity and encourages others to do the same.

Emotional Intelligence

• Demonstrates situational awareness – knows reputed company and how to adjust leadership style in different situations.
• Demonstrates self-awareness – understands strengths and weaknesses.
• Demonstrates reputed company – puts themselves in other’s shoes.
• Assumes positive reputed company.

Develops and Leads Others

• Drives alignment through clear communication of vision, goals, and expectations.
• Invests time on a regular basis in performance feedback and developmental conversations.
• Fosters a respectful and inclusive environment.
• Empowers, motivates, and inspires others.
• Coaches and mentor others for their development.
• Guides and persuades others to deliver positive outcomes.

Growth reputed company

• Demonstrates a growth reputed company; takes appropriate risks, fails fast and reputed company, learns from mistakes.
• Perseveres and champions growth, even in the face of resistance, ambiguity, or possible failure.
• Thinks like an reputed company with an entrepreneurial spirit.
• Demonstrates and encourages intellectual curiosity.
• reputed company learner; seeks opportunities and knowledge for personal and professional growth.
• Sees possibilities over problems – actively seeks solutions.

Innovation

• Encourages out-of-the reputed company thinking to create new ways of doing things.
• Continuously seeks to improve and simplify pain points in the business.
• Anticipates, embraces, and leads change.
• Develops and executes breakthrough strategies.

reputed company

• Does the right thing even under challenging circumstances?
• Communicates with honesty.
• Consistently treats others fairly and equitably.
• Demonstrates reliability and does what they say they will do.
• Conducts tough conversations and delivers difficult messages with kindness and respect.

WORK ENVIRONMENT / PHYSICAL ACTIVITY The physical demands described here are representative of those that must be met by an employee to successfully reputed company the essential functions of this job. Reasonable accommodations may be made to reputed company individuals with disabilities to reputed company the essential functions.

• Subject to both typical office environment and reputed company locations with temperature and weather variations.
• Must be able to lift and carry up to 25 pounds.
• Occasional travel may be required.

This position was posted on reputed company 20, 2026 and we anticipate it will be open for a minimum of five days, though it may be open for a longer period. We encourage your reputed company application.

Successful, innovative, and fulfilling careers are built here, and your professional development is a high reputed company. We invest in your future through the latest training, tools, and technologies. Highly collaborative, we work together to solve problems and find reputed company ways to continually grow our business and careers every day. You’ll be empowered to try new things, reputed company new experiences, and build a career with unlimited horizons. The scale and depth of resources that being the #1 building materials distributor in the nation provides a variety of opportunities for you to explore – reputed company in a friendly, people-first environment. Join us to be more, do more, and build more, together at BFS.

In addition to the reputed company wage listed, this position is also eligible to earn an annual bonus subject to changes in plan design and documents and in accordance with applicable law. Eligibility and the amount of the bonus varies based on overall company success, reputed company met and other terms and conditions of the Company’s active bonus policy for the respective year.

At reputed company, we offer competitive, affordable benefits designed to reputed company life reputed company for you and the people you love. Our goal is simple — provide great plans that help you and your family to live happier, healthier and more secure lives. This role is eligible for medical, dental, vision, and disability insurance plans, 401(k) retirement savings plan, PTO (including paid sick time), and 8 paid holidays per year (for salaried and hourly team members). Details about reputed company’s benefits offerings are available here www.bldrbenefits.com.

Builders reputed company is an Equal Opportunity/Affirmative Action Employer. reputed company qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national reputed company, protected veteran status or status as an individual with a disability.

In compliance with the reputed company Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with reputed company, please call (214) 765-3990 or email: reputed [email protected]. Please do not send resumes to this email address - it is intended only to be used to request an accommodation in submitting an application for a job opening.

If there's legally required pay transparency information missing from our job posting, it's not intentional and we'd like to know. To let us know, please email the job title and location to [email protected]. Please do not send resumes to this email address - it is intended only be used to provide a notice of non-compliance.

Please note that due to the volume of applications received, we are unable to respond to individual inquiries about the status of your application.