Senior Third Party Risk Analyst

Marqeta is on a mission to change the way money moves. We're one of the earliest enablers of embedded finance, a market opportunity sized up in the trillions. Our card issuing platform provides unprecedented flexibility and control for companies to issue cards, authorize transactions, and manage payment operations in real time. Marqeta is powering the most well known brands in the new economy (Block, Cash App, Affirm, Instacart, Doordash, Uber, Walmart, etc). Today nearly 8 out of 10 Americans use a product powered by Marqeta every week. This is the opportunity of a lifetime to work with innovators around the world and unlock equitable financial access for all.

Position Summary:

The Senior Third Party Security Risk Analyst is responsible for supporting the implementation of a modern Third Party Risk Management program. This role will work with the Technical GRC Manager to build third party risk management governance and audit frameworks that meet key security standards and regulatory requirements, including PCI DSS, ISO 27001, GDPR, and SSAE-18. The Senior Analyst will collaborate with cross-functional teams and external parties to assess security controls in third-party environments, perform ongoing monitoring audits, drive remediation of risks, and articulate identified risks to key stakeholders. This position will have an opportunity to innovate and drive adoption of risk management and vendor management solutions.

Key Responsibilities:

Manage, enhance and implement policies, procedures and program governance to ensure effective security risk management of third parties in accordance with industry and regulatory requirementsPerform security risk assessments of third parties to identify, validate and remediate risks

• Perform audits of high risk vendors and collaborate with business owners and vendors to mitigate risks
• Perform due diligence reviews on prospective customers to ensure compliance with our internal and regulatory requirements
• Communicate risks in an meaningful manner with internal stakeholders
• Report risk metrics in a timely manner
• Categorize third parties using a risk-based tiering framework
• Increase efficiency throughout the third party risk management process with automation and innovation

Develop standardized reporting to enable continuous monitoring against program goals

Requirements:

• Masters or Bachelors degree in Computer Science, Information Security, Information Technology or equivalent experience
• Minimum 3 years industry experience in Information Security, Third Party Risk Management, IT Risk Management, IT Audit or Compliance
• Experience assessing compliance with technical regulations and standards (e.g. PCI DSS, ISO 27001, SOC2, SOX, NIST, etc.)
• Experience working with global privacy and data protection regulations is a plus (e.g. GDPR, CCPA)
• A strong bias toward action and able to operate effectively in a dynamic, fast-paced environment
• Ability to manage time effectively and adhere to SLAs
• Excellent verbal and written communication skills including the ability to simplify key security messages and translate technical matters to non-technical audiences
• Positive attitude, team player, adaptable, resourceful, and self-starter who is able to work independently
• Willingness to challenge the status quo and drive continuous improvement through change
• Ability to travel to some onsite audits as needed
• CISSP, CISM, CISA, CIPP preferred

Your Manager

• Anh Thai - Manager, Third Party Risk Management

Recruiter For This Role

• Ryan Demmer - Technical Recruiter

Typical Process

• Application submission
• Recruiter phone call
• Virtual "Onsite" consisting of 4-5, 45 min calls
• Offer

#LI-Hybrid

Equal Employment Opportunity, Accommodations and Privacy

Marqeta is proud to be an equal opportunity employer that gives consideration to all qualified applicants regardless of race, ancestry, national origin, color, Indigenous, citizenship, religion/creed, sex, sexual orientation, gender identity, gender expression marital status, family status, disability, veteran status, criminal histories consistent with legal requirements, or any other characteristic protected by applicable law.

Our dedication to diversity and inclusion extends beyond the categories above. Review Marqeta's ESG Report to see that dedication in action. Fostering an environment where everyone feels valued and respected creates a stronger and more innovative team at Marqeta. We celebrate the unique contributions of each individual and empower all members of our organization. Join us in building a company where diversity thrives and everyone can be their authentic selves.

If you require reasonable accommodation for the application process and beyond (including due to a disability), please submit this form and we will be more than happy to assist you. Marqeta will make reasonable accommodations for candidates when needed in accordance with applicable law. The Applicant and Candidate Privacy Notice applies to the personal data that you directly provide to us or that we collect during the application and candidate recruitment process.

Are you now or have you been employed by Marqeta in the past? *
Please select

At Marqeta, we strive to live our value of "Everyone Belongs," where we seek various opinions and experiences as we build opportunities around equity, inclusion, and belonging. We ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. As set forth in Marqeta's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Any information that you do provide will be anonymized and reviewed, strictly in aggregate, to find ways to improve our recruiting processes. To learn more about our job applicant privacy policy, please visit our website .

We're also providing additional information and resources as you complete the form:

• Veteran Status: If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection.
• A "disabled veteran"
• A "recently separated veteran"
• An "active duty wartime or campaign badge veteran"
• An "Armed forces service medal veteran"
• Disability Status: You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

I consider my gender identity to be (Select one)
Man
Non-Binary/Third Gender
Transgender
Woman
Decline to Self-Identify

I consider my gender as (Select one)
Female
Male
Decline to Self-Identify

I consider myself to be Hispanic or Latino (Select one)
No
Yes
Decline to Self-Identify

If you do not consider yourself Hispanic or Latino, please select the race/ethnicity you most identify with (Select one)
American Indian or Alaska Native
Asian
Black or African American
Native Hawaiian or Other Pacific Islander
Two or More Races
White
Decline to Self-Identify

I consider myself to be as a member of the Lesbian, Gay, Bisexual, and/or Transgender (LGBT+) community (Select one)
No
Yes
Decline to Self-Identify

Veteran Status (Select one)
I am not a protected veteran
I identify as one or more of the classifications of a protected veteran
Decline to Self-Identify

Disability Status (Select one)
No, I don't have a disability, or a history/record of having a disability
Yes, I have a disability, or have a history/record of having a disability
Decline to Self-Identify