Senior Analyst, Third Party Risk Management (TPRM)

Requirements

• Experience op

Additional Information

About Payoneer Founded in 2005, Payoneer is the global financial platform that removes friction from doing business across borders, with a mission to connect the world's underserved businesses to a rising global economy. We're a community with over 2,500 colleagues all over the world, working to serve customers, and partners in over 190 countries and territories. By taking the complexity out of the financial workflows-including everything from global payments and compliance to multi-currency and workforce management, to providing working capital and business intelligence-we give businesses the tools they need to work efficiently worldwide and grow with confidence. Role Summary The Third Party Risk Management (TPRM) function is responsible for establishing and operating the enterprise framework for identifying, assessing, and overseeing risks arising from third party relationships, including outsourced service providers, banking partners and other critical vendors. The function supports regulatory compliance, operational resilience, and sound risk governance across the full third party lifecycle. The Senior Analyst, Third-Party Risk Management is responsible for executing core third-party risk oversight activities across the vendor lifecycle, with a particular focus on due diligence execution, security assessment review, and portfolio monitoring. The role supports portfolio visibility, intake handling, and management reporting, and contributes to the improvement and automation of TPRM workflows through the use of data analytics and AI-enabled tooling. The role brings a technology and security risk lens to complement the team's existing capabilities across governance, operational resilience and vendor risk management. Primary Duty and Responsibilities Execute due diligence activities across the third-party lifecycle , including initial onboarding assessments, periodic reviews, and event-driven assessments for higher-risk and higher-tier vendors, ensuring assessments are complete, accurate, and decision-ready. Review and process vendor intake requests, ensuring completeness of information and correct classification and routing based on service characteristics, risk drivers, and technology profile. Perform structured reviews of v endor security assessment materials for higher-risk vendors, including SOC 2 reports, ISO 27001 certifications, security questionnaires, and control evidence, synthesizing findings into clear outcomes and required follow-up actions. Assess vendor security posture against relevant control frameworks (e.g., ISO/IEC 27001, SOC 2, NIST CSF) and document risk indicators, control gaps, and remediation requirements. Support the review and assessment of AI-related vendor risks, including model governance, data privacy, and AI-specific control considerations for vendors deploying AI in their products or services. Develop and maintain third-party portfolio reporting, dashboards, KPIs, and tracking outputs that provide management visibility into remediation progress, control gaps, vendor risk trends, and overall program status. Lead data analytics and reporting initiatives that improve the quality, structure, accuracy, and usability of TPRM portfolio data across the vendor lifecycle. Support the evaluation, implementation, and operationalisation of AI-enabled tools and automation workflows across TPRM processes, working closely with the program manager and Platform team. Identify opportunities to improve operational efficiency, consistency, and scalability through automation and AI-assisted review. Review and analyze vendor data, assessment outputs, contracts, and supporting documentation to identify inconsistencies, missing information, risk indicators, and opportunities for process improvement. Support identification and analysis of portfolio-level considerations, including vendor concentration, dependency indicators, technology risk exposure, and remediation trends. Maintain structured datasets, remediation trackers, and governance reporting used for day-to-day execution and management oversight. Partner with Cyber, Procurement, Compliance, Legal, Finance, and other stakeholders to support effective third-party oversight, issue resolution, and data governance initiatives. Support continuous improvement initiatives across TPRM tools, templates, workflows, and governance processes to strengthen operational consistency and scalability. Perform additional duties as required to support the Third-Party Risk Management team and enhance Payoneer's enterprise resilience and risk management capabilities. Education and/or Experience Bachelor's degree required; preferred background in cybersecurity, information systems, computer science, engineering, finance, or a related discipline. 3-5 years of experience in Third-Party Risk Management, Information Security, Vendor Risk, GRC, or a related role within a financial institution or regulated environment.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at payoneer? Share your experience