Job Overview
The Risk Assessor is responsible for performing third-party risk assessments and evaluating vendor control environments. This role supports the Third Party Risk Management (TPRM) program by identifying risks, documenting findings, and partnering with internal stakeholders and external vendors to ensure appropriate mitigation and compliance with regulatory standards.
Responsibilities
Perform third-party risk assessments using standardized questionnaires (e.g., SIG, CAIQ) and due diligence reviews
Analyze documentation including SOC reports, ISO certifications, and audit artifacts to evaluate control effectiveness
Identify and document security, compliance, and operational risks and translate findings into business impacts
Develop and track remediation plans in collaboration with vendors and internal stakeholders
Monitor vendor risk posture using risk scoring tools and ongoing monitoring processes
Support regulatory compliance by validating adherence to applicable laws, regulations, and internal policies
Partner with cross-functional teams including Legal, Procurement, IT, Compliance, and business units
Prepare reports and dashboards summarizing risk assessments and vendor risk posture
Support internal and external audits by providing documentation and program evidence
Contribute to the development and enhancement of third-party risk management policies, procedures, and tools
Maintain knowledge of industry frameworks and standards including ISO 27001, NIST, and SOC reporting
Manage multiple assessments and priorities in alignment with established service level agreements
What Are We Looking For?
We're looking for strong collaborators who deliver exceptional client experiences and thrive in fast-paced, team-oriented environments. Our ideal candidates pursue greatness, act with integrity, and are driven to help our clients succeed. We value those who embrace creativity, continuous improvement, and contribute to a culture where we win together and create and share joy in our work.
Requirements
3–5 years of experience in third-party risk management, vendor risk, or information security within a regulated industry
Experience using governance, risk, and compliance (GRC) tools (e.g., OneTrust)
Working knowledge of risk and compliance frameworks such as ISO 27001, NIST, SOC reporting, or similar standards
Proficiency with Microsoft Office applications, including Excel, Word, PowerPoint, and SharePoint
Bachelor’s degree or equivalent combination of education and relevant work experience
Preferences
Professional certifications related to third-party risk, information security, or compliance (e.g., CISA, CISM, CRISC)
Experience using continuous monitoring tools such as SecurityScorecard or BitSight
Experience supporting audits or regulatory reviews
#LI-PA
Pay Range:
$79,825.00 - $132,973.00
Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more. Your recruiter will be happy to discuss all that LPL has to offer!