Why This Job is Featured on The SaaS Jobs
Third-party risk has become a core SaaS competency as cloud platforms rely on a wide network of subprocessors, security tooling, and service providers to deliver customer-facing experiences. This role sits at that intersection, supporting a mature SaaS environment where vendor assurances and control evidence are part of day-to-day operations, not occasional audits. The focus on lifecycle management and ongoing monitoring reflects how SaaS risk profiles evolve continuously with product and supplier changes.
For a long-term SaaS career, the work builds fluency in the artifacts and frameworks that routinely influence enterprise buying decisions, including SOC reports, ISO certifications, and structured security questionnaires. Experience running a repeatable TPRM workflow and maintaining assessment tooling translates well across SaaS companies that need scalable governance as customer expectations and regulatory scrutiny increase. The emphasis on clear risk narratives also strengthens communication skills that matter in security, compliance, and broader GRC paths.
This position tends to suit professionals who like structured processes, evidence-based analysis, and steady coordination across internal stakeholders and external vendors. It is a strong match for someone early to mid career who wants deeper exposure to how SaaS organizations operationalize trust, especially those who take satisfaction in documentation discipline and closing the loop on remediation tracking.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
Genesys empowers organizations of all sizes to improve loyalty and business outcomes by creating the best experiences for their customers and employees. Through Genesys Cloud, the AI-powered Experience Orchestration platform, organizations can accelerate growth by delivering empathetic, personalized experiences at scale to drive customer loyalty, workforce engagement, efficiency and operational improvements.
We employ more than 6,000 people across the globe who embrace empathy and cultivate collaboration to succeed. And, while we offer great benefits and perks like larger tech companies, our employees have the independence to make a larger impact on the company and take ownership of their work. Join the team and create the future of customer experience together.
Title: Third Party Risk Analyst
Location: Philippines, Flexible
Role Overview
The Third-Party Risk Analyst is a key member of the Information Security team and reports directly to the Third-Party Risk Program Manager. This role is responsible for supporting the end-to-end Third-Party Risk Management (TPRM) lifecycle, including intake, due diligence, risk assessments, issue tracking, and ongoing monitoring.
Key Responsibilities
- Manage third-party risk management workflow, including reviewing new requests, tracking in-progress assessments, and driving assessments to completion.
- Conduct initial and ongoing third-party security risk assessments, including control evaluation, risk rating, and documentation of residual risk.
- Administer and maintain the third-party risk assessment tooling (UpGuard), including vendor onboarding, questionnaire distribution, response tracking, evidence collection, and workflow/status management.
- Review and validate third-party security and compliance artifacts (e.g., SOC 2 reports, ISO 27001 certificates, policies/standards, pen test summaries) and identify control gaps.
- Document findings, write clear risk narratives, and recommend remediation actions or compensating controls aligned to internal standards and risk appetite.
- Track remediation plans, validate closure evidence, and support reassessments/refresh cycles and ongoing monitoring activities.
- Contribute to continuous improvement of TPRM processes, templates, and playbooks
Requirements
- Bachelor’s degree in information security, IT, Cybersecurity, or a related field.
- Minimum 2 years of related experience in information security, IT audit, risk, compliance, vendor management, or GRC preferred.
Skills
- Strong critical thinking and analytical skills; able to interpret evidence and translate control gaps into clear risk statements.
- Detail-oriented with strong documentation discipline and comfort working in process-driven environments.
- Strong collaboration and stakeholder management skills; able to coordinate with diverse business unit.
- Ability to review and interpret complex vendor artifacts, including SOC reports, security questionnaires, and policies.
- Strong verbal and written communication skills.
- Ability to learn new tools quickly and operate effectively.
#LI-PR1
#LI-Hybrid
If a Genesys employee referred you, please use the link they sent you to apply.
About Genesys:
Genesys® empowers more than 8,000 organizations worldwide to create the best customer and employee experiences. With agentic AI at its core, Genesys Cloud™ is the AI-Powered Experience Orchestration platform that connects people, systems, data and AI across the enterprise. As a result, organizations can drive customer loyalty, growth and retention while increasing operational efficiency and teamwork across human and AI workforces. To learn more, visit www.genesys.com.
Reasonable Accommodations:
If you require a reasonable accommodation to complete any part of the application process, or are limited in your ability to access or use this online application and need an alternative method for applying, you or someone you know may contact us at reasonable.accommodations@genesys.com.
You can expect a response within 24–48 hours. To help us provide the best support, click the email link above to open a pre-filled message and complete the requested information before sending. If you have any questions, please include them in your email.
This email is intended to support job seekers requesting accommodations. Messages unrelated to accommodation—such as application follow-ups or resume submissions—may not receive a response.
Genesys is an equal opportunity employer committed to fairness in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.
Please note that recruiters will never ask for sensitive personal or financial information during the application phase.
