What are the responsibilities and job description for the Enterprise Resilience Risk Analyst position at Xyant Services?
Job Title: Senior Enterprise Resilience Risk Analyst
Location: Remote
Contract
Role Overview
- Sits under Enterprise Resilience; reports directly to the Hiring Manager.
- Not a pure TPRM role, but deeply embedded in vendor evaluation, onboarding, and governance.
- Acts as a resilience gatekeeper for critical vendors.
Core Responsibilities
- Vendor Resilience Assessment
  - Evaluate critical vendors against resilience requirements.
  - Review and analyze:
    - BCPs
    - DR plans
    - SOC 2 reports (must identify gaps)
    - Product/security certifications
  - Ask vendors for required documents during onboarding/POCs.
- Resilience Policies & Governance
  - Define resilience requirements for vendor ecosystem.
  - Ensure adherence to governance frameworks.
  - Partner with procurement for contract language (addendums, clauses).
- Program Leadership
  - Drive resilience initiatives inside TPRM.
  - Bridge internal and external resilience standards.
Must-Have Skills
- Strong expertise in Resilience
  - Business Continuity (BCP)
  - Disaster Recovery (DR)
  - Enterprise Resilience practices
- Risk Frameworks & Certifications
  - NIST
  - ISO 22301, 22316, ISO risk standards
  - SOC 2 understanding (ability to spot gaps)
- Enterprise Risk Management (ERM)
  - Strong ERM experience is highly valued.
Nice-to-Have Skills
- ServiceNow (any vendor risk modules a plus)
- Other vendor risk platforms: Graphite Connect, GEP
- Contract experience (addendums, requirements)
- Vendor governance or TPRM exposure
Experience Level
- Minimum: 5 years, but senior profiles are more realistic due to niche skillset.
- Ideal candidates often have 10–18 years across resilience, risk, and governance.