Vendor Risk Analyst
Bessemer Trust
95k - 130k USD/year
Office
New York, NY, United States
Full Time
Bessemer Trust is seeking a highly motivated Vendor Risk Analyst with specialized experience in third-party risk management. This role is critical in supporting the execution of a firm-wide risk management strategy, focusing on third-party oversight, risk assessments, and mitigation planning. The ideal candidate will have a strong background in information security, technology risk, operational risk, and regulatory compliance, and will thrive in a collaborative, detail-oriented environment.
Responsibilities will include:
Key Responsibilities
- Third-Party Risk & Cybersecurity Oversight and Ongoing Monitoring
  - Conduct comprehensive third-party (including affiliate) risk assessments with an emphasis on residual risk related to cybersecurity and information security controls.
  - Analyze vendor security posture across a broad vendor base (e.g., 1000+ vendors), identifying control gaps and regulatory concerns.
  - Lead outreach and analysis efforts (e.g., cloud usage, encryption standards) to evaluate how vendors manage company data in cloud environments.
  - Facilitate ongoing monitoring of high-risk and critical vendors.
  - Ensure third-party risk management activities align with internal policies and external regulatory requirements and expectations.
- Compliance & Incident Response Support
  - Monitor and assist in responding to third-party cyber incidents, in coordination with key internal stakeholders (e.g., IT Security, Legal, Procurement).
  - Report and escalate critical vulnerabilities to leadership, including developing and delivering ongoing status updates.
- Program Development & Management
  - Support the development and refinement of the vendor risk management program, including workflows, playbooks, procedures, and third-party incident response processes.
  - Contribute to the enhancement of governance structures, data reporting capabilities, and ongoing risk awareness training. Assist in the implementation of a new end-to-end Vendor Management platform.
  - Collaborate with Legal, IT Security, Procurement, and other business and operations units to ensure a unified, enterprise-wide approach to vendor and operational risk.
  - Assist in the preparation of materials for regulatory examinations and Internal Audit Reviews.
  - Partner with colleagues within Compliance’s Operational Risk Management Team in the identification, documentation, and evaluation of broader operational risks across the organization.
Qualifications
- Bachelor’s degree in Risk Management, Information Security, Business Administration, or a related field is preferred.
- 3–5 years of experience in vendor management, third-party risk, information security, or operational risk management, preferably within the banking, asset management, or financial services industry.
- Knowledge of common control frameworks (e.g., NIST, ISO 27001, SOC 2, FFIEC).
- Experience in evaluating vendor cybersecurity controls and developing mitigation strategies.
- Excellent communication, analytical, and problem-solving skills.
- Familiarity with regulatory guidance and requirements related to third-party risk in the financial services sector is a plus.
- Experience working with risk tools, GRC platforms, or third-party risk platforms (e.g., Archer, ProcessUnity, OneTrust, Navex, etc.) is desirable.
Preferred Certifications
- Certified Third Party Risk Professional (CTPRP)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Security Manager (CISM)
The base salary range for this position is $95,000.00 - $130,000.00. Actual salaries will vary and will be based on various factors, such as skills, experience, and qualification for the role. It is not typical for offers to be made at or near the top of the range.
In addition, this position may be eligible for a discretionary incentive based on individual and company performance.
Eligible employees may participate in a 401(k) program with a company profit-sharing contribution; medical, dental, vision, life insurance, and disability coverage; and paid holidays, vacation, and sick days.
About Bessemer Trust
Bessemer Trust is a family office, overseeing more than $200 billion in assets for over 3,100 individuals and families of substantial wealth. Its more than 1,200 employees are singularly focused on private wealth management — disciplined investment management, sophisticated wealth planning, comprehensive family office services, and highly personalized client service.
Established in 1907 as the family office for Annie and Henry Phipps, Bessemer Trust is in its seventh generation of ownership by the Phipps family. As a self-made entrepreneur, Henry Phipps was a founding partner and chief financial officer of Carnegie Steel.
Bessemer Trust retains its original focus as a privately owned and independent wealth manager deeply committed to its mission of providing peace of mind to its clients. Bessemer’s adherence to putting clients’ interests first, fiduciary mindset, and highly collaborative culture are at the heart of everything the firm does.
Key Facts:
- For 118 years, Bessemer Trust has operated continuously in a single line of business, independently owned by one family.
- Headquartered in New York’s Rockefeller Center, Bessemer Trust has 22 offices in total. Woodbridge, NJ, is one of the firm’s largest offices, which hosts a wide range of technology and operations professionals. In addition to its sizable presence in New York and Woodbridge, the firm provides client service through offices in Atlanta, Boston, Chicago, Dallas, Delaware, Denver, Garden City, Grand Cayman, Greenwich, Houston, Los Angeles, Miami, Naples, Nevada, Palm Beach, San Diego, San Francisco, Seattle, Stuart, and Washington, D.C.
About Our Employee Rewards and Benefits:
We provide exceptional rewards and benefits that are among the best in the industry, giving our people access to a wide range of options, including:
- Competitive base salary plus discretionary annual bonus for select positions
- A 401(k) plan with a generous annual profit-sharing contribution
- Personalized development and career opportunities, including tuition reimbursement support
- Comprehensive medical, dental, and vision plans with zero contributions for employee coverage
- Employee assistance (EAP) and wellness programs
- Hybrid work environment: 60% in office, 40% remote for most positions
- Paid time off and paid parental leave
- Employer-paid life insurance and short- and long-term disability coverage
- Legal services and financial wellness plans at no cost to employees
Bessemer Trust is committed to creating a diverse and inclusive environment and is proud to be an equal opportunity employer. We encourage candidates of diverse backgrounds to apply.
August 7, 2025