Third Party Risk Management Analyst - USDS
TikTok.com
Office
New York, New York, United States
Full Time
The USDS Security - Risk & Compliance team is responsible for managing USDS security compliance in accordance with US compliance requirements and objectives, and providing industry leading governance, risk, and compliance services.
The core service offerings include: Compliance & Security Risk Management, Controls & Compliance Framework, Security Compliance Policies, Charters, & Protocols, Vendor Program & Third-Party Risk Management, Governance, Risk, & Compliance (GRC) Platform, and Security & Compliance Behavior & Culture.
In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.
As a Third Party Risk Management (TPRM) analyst, you will be a subject matter expert and liaison between USDS and the lines of business as it pertains to vendor compliance screening, issues and vulnerability management, and cross-functional security and privacy control assurance. You will be responsible for owning and managing daily operations of assigned vendor compliance assessment coordination, technical writing, and USDS Vendor Lifecycle management. Within this role, you will closely coordinate with USDS Procurement and Legal teams to ensure USDS Vendor Program and Procurement Policies requirements are implemented, enforced and communicated to business owners, program managers and other applicable internal teams.
Other responsibilities include:
- Coordinating between USDS TPRM, Procurement, and Legal operations about vendor lifecycle management, contract clause verification and compliance assessment procedures
- Technical writing and communication between cross-functional teams and Non-USDS lines of business
- Validating vendor compliance screening assessments
- Reporting vendor security risk assessments for authorized and rejected vendors
- Coordinating between USDS Risk Management, Global Security Organization, and other applicable internal teams on unresolved findings and vulnerability management
- Enhancing USDS TPRM standard operating procedure as it pertains to emerging threats and USDS Vendor Program policy requirements
- Validating security standard controls and audits as applicable to the overall USDS TPRM program and process
- Managing assessment lifecycles and dashboard reporting
- Coordinating and executing site visit assessments (physical and remote) and reporting related to TikTok USDS data centers and Content Delivery Networks (CDNs)
October 11, 2025