We're revolutionizing the fitness & wellness industry, and we’re looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry’s most trusted all-in-one technology platform; ClassPass is one of the most popular apps for fitness & self-care enthusiasts. Together we’re partnering with more than 70,000 fitness studios, gyms, salons, and spas around the world. We’re not just another tech company—we’re far and away the leader of our industry. So join the team, work with mission-led people, and enjoy amazing benefits. Let’s see what we can accomplish together!
Who we are
We’re a passionate engineering, platform, and operations team, developing and supporting ground-breaking products. Together, we’ll build for the future, creating more opportunities for wellness businesses around the world to help their customers lead full, healthy lives. We push ourselves and our company to always strive for this higher purpose, recognizing the power in working together toward the same goal. We believe in building a diverse company where everyone feels safe bringing their authentic selves to work. And we believe that the secret to success is our people. Join the team, and let’s see what we can accomplish together!
The Third-Party Security Risk Analyst is a critical position in which you will manage security’s third party risk and customer trust center programs. This role supports management by providing data analyses reporting on third party risk, focusing on conducting and evaluating third party risk assessments. These assessments and analyses will cover cybersecurity and will require collaborating with internal partners and third parties to identify, analyze and mitigate, or otherwise, resolve third party risks. This role also works closely with internal business customers to ensure existing and potential customers are provided accurate security posture information through timely questionnaire responses and content provided in our customer trust center.
You'll likely spend time working on
- Manage the third-party risk assessment for new vendors
- Perform ongoing security risk assessments and monitor security posture of existing third-parties
- Implement enhancements to the TPRM Program, including recommendations on process, automation, and tooling
- Catalog and assign risk rankings of vendor and customer relationships by analyzing due diligence questionnaire responses and documentation
- Prepare security risk reports, dashboards, and operational review metrics (KRIs) or other metrics for continuous improvement and monitoring.
- Maintain the customer trust center documentation and customer security requests
About the right team member
- Self-starter with the desire to ramp up quickly, collaborate, execute and propose alternative or creative solutions when necessary
- Excellent time management, critical thinking, analytical and communication skills
- Resourceful and can work well independently
- Strong interpersonal skills, capable of interacting at all levels of the organization and also with vendors
- The ability to multitask and complete assignments within deadlines that may have short lead times
- High emotional intelligence and strong collaboration skills
You'll thrive in this role with experience in
- 3-4 years of professional work experience in internal audit, supply chain risk, or operational risk in a regulated environment
- Project or program management and documentation
- Relevant industry certifications (e.g. CISSP, CISM, CRISC, CISA)
- Evidence collection and analysis
Technologies you'll be working with
- A dedicated Governance, Risk and Compliance tool
- Cyber rating tool such as Security Scorecard or Upguard
- Microsoft tools such as Powerpoint, Visio, Excel and Word
Have we piqued your curiosity?
Sound like the role for you? We’d love to hear from you! Even if you’re not 100% sure about potential fit, we still encourage you to apply. We’re looking for the right person, not the perfect series of checkboxes.
Mindbody is an Equal Opportunity Employer. We highly value diversity at our company and encourage people of all different backgrounds, experiences, abilities and perspectives to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other protected characteristics.