Ellie Mae Sr. Vendor Risk Analyst in Pleasanton, California

Sr. Vendor Risk Analyst

Department: Legal/Compliance

Location: CA - Pleasanton

WkDay Req Number: 180229

Hot Job:


Ellie Mae (NYSE:ELLI) is a leading provider of innovative on-demand software solutions and services for the residential mortgage industry. Mortgage lenders of all sizes use Ellie Mae’s Encompass® all-in-one mortgage management solution, Mavent Compliance Service, and AllRegs research, reference and education resources to improve compliance, loan quality and efficiency across the entire mortgage lifecycle.

Summary of Responsibilities

The Senior Vendor Risk Analyst is responsible for project administration, tracking, monitoring and response coordination for vendor risk assessments, vendor risk management, internal audit coordination and regulatory compliance items in alignment of Vendor Management Policy and Standards. He/she will report directly to the Director of Vendor Management in the company’s Legal Organization.

Primary Responsibilities & Objectives

  • Perform vendor risk assessments on new and existing third parties on an enterprise-wide basis.

  • Preparation of detailed and summary reports of assessment including customer reports as needed.

  • Perform vendor on-site risk assessment where necessary.

  • Work as a subject-matter-expert (SME) with cross-functional oversight to include Security, IT, Legal, Finance, HR, BCP/DR and functional department Vendor Managers to ensure compliance and integration of vendor management lifecycle elements.

  • Work directly with internal business partners and vendor managers to assist them in effectively managing their operational risks related to identification of potential risks in business processes, applications, systems, associated with vendor engagement.

  • Partner with business units in developing and implementing controls to effectively mitigate the risks inherent in each customer or vendor relationship.

  • Work directly with new and existing third party vendors to assess risk controls to ensure data is available and adequately safeguarded.

  • Partner with vendor account managers in various business units in their tracking and documenting vendor of performance, issue escalation and resolution, and reporting.

  • Participate in the development, implementation and maintenance of Vendor Management policies and procedures in alignment with best practices

  • Promote awareness and enhance our internal service model that informs the business of key risks in a timely manner so as to limit unnecessary impediments.

  • Contribute to building of training program for internal business partners on vendor due diligence process as well as their obligation tin ongoing monitoring

  • Ability to assist in contract reviews and recommend redlines where appropriate.

Position Qualifications

  • 5+ years of operational and/or vendor risk assessment experience required within a corporate environment.

  • 2+ years of performing vendor on-site assessments.


  • BS/BA degree, advanced degree preferred or equivalent experience.

  • Certification in risk management and/or vendor risk management preferred (e.g. CRISC, CTPRP)

  • Experience in a public accounting firm performing risk assessments on behalf of customers will be considered.

Other Qualifications, Experience & Skills

  • Up to 25% travel within the U.S. to perform vendor on-site assessments. Also may require a limited amount of international travel for off-shore vendors.

  • Excellent verbal and written communication skills to deliver assessment reports in a concise, persuasive and succinct manner.

  • Proven ability to synthesize and summarize complex data into concise recommendations and reports.

  • Ability to foster effective working relationships with both internal and external business stakeholders.

  • Proven ability to balance multiple priorities, adapt to a constantly changing business environment, work independently, drive assessments to completion and meet deadlines in a fast-paced environment with only periodic supervision.

  • Ability to work collaboratively and manage and initiate effective cross-functional relationships maintaining a high level of professionalism, self-motivation and a strong sense of urgency

  • Strong computer skills including Microsoft Office Suite; Word, Excel, Powerpoint. Experience with GRC tools (e.g., RSAM*, Archer, Metric Stream) is a plus. *RSAM is our GRC tool.

  • Strong understanding of the principles of risk management, information security and their relationship to corporate governance activities such as operational risk assessment and organizational impact.

  • Clear understanding of financial industry standards risk analysis approaches: ISO, COBIT, COSO as well as Sarbanes Oxley, GLBA and crisis management/business resiliency practices.

  • Demonstrated leadership skills that instill trust and confidence with the ability to influence execution.

  • Demonstrated abilities in problem-solving and analysis: identifies issues, analyzes information to assess root cause and relationships, risks, and potential risk responses.

Ellie Mae is an Equal Opportunity/ Affirmative Action Employer. Minorities, Females, Disabled and Veterans are encouraged to apply.

We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us .