Advanced Risk & Compliance Analyst – Third Party Risk Management
What Relativity Has to Offer:
Work Location Eligibility
This position is open to candidates based in the following locations:
Job details
Posting Type
Hybrid
Job Overview
Here at Relativity, we prioritize flexibility and work-life harmony. Our Hybrid work environment provides options tailored to your role and location, aiming to enhance engagement, connectivity, and productivity.Join us to experience a culture of collaboration and innovation, where connecting in-person adds value to our collective growth. Let's work together!
The Advanced Risk and Compliance Analyst coordinates security, risk, and compliance initiatives within Relativity’s supplier landscape and supports the development and maintenance of Calder7’s security standards.
Job Description and Requirements
These things will be key to be successful in this role:
You are motivated to be part of an international team in a security-focused environment within the Legal Tech industry.
You want to partner with Calder7, Procurement, and Legal teams to modernize a Third-Party Risk Management Program.
You want to have a real impact on the security and risk assessments of the leading Legal Data Intelligence product.
You enjoy and thrive in cross-functional collaboration.
You enjoy building new processes and operating procedures from the ground-up.
You are passionate about Security and Risk Management.
What are the core duties of this role?
Lead and mature our Third-Party Risk Management (TPRM) continuous monitoring program.
Proactively identifying, assessing, and responding to ongoing third-party risk signals across vendors, suppliers, partners, and service providers.
Design, implement, and own the continuous monitoring strategy for third-party risk across Relativity.
Continuously evaluate and enhance monitoring coverage and effectiveness
Identify, ingest, and analyze internal and external risk signals, including cyber posture, security events, operational resilience indicators, financial health, and regulatory findings
Leverage automated monitoring tools and data sources to detect changes in third-party risk posture
Triage third-party risk events and determine severity, impact, and required actions
Coordinate with Procurement, Legal, Calder7, and Senior Leadership on response plans
Track remediation activities, validate corrective actions, and manage risk exceptions
Define and maintain KRIs, dashboards, and executive reporting for third-party risk trends
Minimum qualifications:
Bachelor’s degree in Risk Management, Information Systems, Cybersecurity, Business, Law, or related field
3-6+ years of professional experience in third-party risk management, vendor risk, enterprise risk, or compliance
Demonstrated hands-on experience with third-party risk continuous monitoring
Experience identifying, analyzing, and responding to ongoing third-party risk signals (e.g., cyber posture changes, incidents, regulatory or operational events)
Working knowledge of third-party risk domains, including information security, privacy, operational, and compliance risk
Familiarity with risk and control frameworks, including ISO/IEC 27001/27018 and/or comparable frameworks (e.g., NIST 800-53, SOC 2)
Experience supporting issue management, remediation tracking, and risk escalation for third-party risk
Strong written and verbal communication skills, with the ability to clearly articulate risk to technical and non-technical stakeholders
Ability to translate complex regulatory requirements into practical, scalable solutions
Hybrid-working role (2+ days in office)
Preferred qualifications:
Experience working in a SaaS environment operating on a global scale
Experience in the legal space and with a high understanding of e-discovery and litigation
Relevant certifications (e.g., CTPRP, CTPRA, CompTIA CySA+, CRISC, CISA, CISSP)
Experience with continuous monitoring and risk intelligence tools (e.g., RiskRecon, BitSight, SecurityScorecard, Panorays, ProcessUnity, BlackKite, Safe Security)
Experience in regulated or highly complex environments
Familiarity with cloud and critical third-party ecosystems
Benefit Highlights:
Comprehensive health, dental, and vision plans
Parental leave for primary and secondary caregivers
Flexible work arrangements
Two, week-long company breaks per year
Additional time off
Long-term incentive program
Training investment program
Relativity is a diverse workplace with different skills and life experiences-and we love and celebrate those differences. We believe that employees are happiest when they're empowered to be their full, authentic selves, regardless how you identify.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Relativity is committed to competitive, fair, and equitable compensation practices.
This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives.
The expected salary range for this role is between following values:
158 000 and 236 000PLNThe final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position.
Required Skills:
Compliance Management, Cybersecurity, Financial Reports, Fraud Detection, Internal Controls, Regulatory Compliance Management, Risk Assessments, Risk Compliance, Risk Mitigation, Risk Mitigation Strategies