Supplier Compliance Analyst

To Apply for this Job Click Here

Always Connecting, Always Evolving.

TECHEAD is seeking qualified applicants for the following Contract position – Supplier Compliance Analyst / Richmond VA – (JOB-21435). If you are looking for a new opportunity and this position looks to be a fit, please apply to see the TECHEAD difference that has made us successful for 30+ years!

You can find more about our team and values by checking us out at TECHEAD.com or on Glassdoor

Job Description:
Supplier Compliance Analyst

Contract: 1 Year
Hybrid: 1 day a week onsite
Local Candidates Only
Richmond, VA

**MUST HAVE 2+ years of experience**

Responsibilities:
1. Create a Supplier Decommissioning Procedure (with clear steps, expectations and timelines, and Roles & Responsibilities)
2. Communicate the Supplier Decom Procedure to the appropriate stakeholders (including Supplier Managers, etc.,)
3. Enforce the Supplier Decom Process
4. Develop Annual Report of Supplier Decom & Status, and communicate to the appropriate stakeholders (including managers of the Supplier Managers, etc.,)
5. Evaluate Sirion to Archer Data feed for terminated or expired Contracts
6. Ensure supplier managers follow up with suppliers to request copy of the following documents and upload them to Archer engagement record:

a. High Risk Supplier Engagement – Annual Pen Test Report(s) and SOC 2 Type II report. **Note, please refer to the SISE or SISPE in the active agreement with supplier to determine which documentation the supplier is obligated to provide to Altria on an annual basis (such as Pen Test, SOC 2 Type II, ISO, etc.,)

b. Moderate Risk Supplier Engagement – Annual self-certification or self-attestation letter stating supplier is complying with company requirements as agreed to per contract. **Note, please refer to the SISE or SISPE in the active agreement with supplier to determine which documentation the supplier is obligated to provide to the business on an annual basis, due to some suppliers will agree to provide a SOC II Type II report or ISO cert (and the like)

c. Review Pen Test and SOC II Type II reports to identify critical and high-risk issues still pending remediation

7. Notify business of open issues (where the issues are either partially treated or still pending treatments)
8. Manually register issues into Archer GRC platform (when needed)
9. Assist in develop monthly schedule (6 to 12 assessments) for each calendar month.
10. Track and report on status weekly. This includes coordination with supplier managers, suppliers, and 3rd party assessment providers to inform them of their tasks, their deadlines and hold them accountable to the deadlines with support from the Supplier Risk Manager.

TECHEAD’s mission is to make our on-site associates successful by placing them in the right environment so they can grow and prosper. How we treat and respond to our clients and employees is a reflection of who we are and makes us stand out from the rest. Keeping our business focused on building and maintaining relationships with our employees and clients is the key to our success. We won’t strive for anything less.

TECHEAD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

For more information on TECHEAD please visit www.techead.com.

No second parties will be accepted.

To Apply for this Job Click Here