Question
FULL_TIME
2-5

Risk Analyst (Vendor Risk)

1/11/2026

The Risk Analyst will assess, monitor, and manage risks associated with third-party vendors, ensuring compliance with regulatory requirements and internal policies. They will collaborate with various teams to identify risks and provide insights through effective reporting.

Working Hours

40 hours/week

Company Size

1,001-5,000 employees

Language

English

Visa Sponsorship

No

About The Company
Tabby creates financial freedom in the way people shop, earn and save by reshaping their relationship with money. Over 14 million users choose Tabby to stay in control of their spending and make the most out of their money. Over 40,000 global brands and small businesses, including SHEIN, Amazon, Adidas, IKEA, H&M, Samsung and Noon use Tabby’s technology to accelerate growth and gain loyal customers by offering flexible payments online and in stores. Tabby is active in Saudi Arabia, UAE, and Kuwait, and is now valued at $1.5 billion in its last round of funding from Wellington Management, STV, Mubadala Investment Capital, PayPal Ventures, Arbor Ventures, Bluepool, Hassana Investment Capital, Soros Capital Management and Saudi Venture Capital.
About the Role

Risk Analyst (Vendor Risk)

Department: Risk Enterprise

Employment Type: Full Time

Location: KSA



Description

We are looking for a Risk Management Analyst who will be  responsible for assessing, monitoring, and managing risks associated with third-party vendors across their lifecycle, ensuring compliance with regulatory requirements and internal policies.
 
You will work closely with business, technology, legal, procurement, and compliance teams to identify risks, support remediation activities, and provide clear risk insights to stakeholders and management through effective reporting and governance.


Key Responsibilities


1. Framework Implementation

  • Support the execution of Tabby's Third-Party Risk Management framework, including the application of relevant policies, procedures, and controls.

  • Contribute to the continuous improvement of risk management practices in line with industry standards and regulatory expectations.


2. Risk Assessment & Monitoring

  • Conduct comprehensive risk assessments of vendors to evaluate their inherent and residual risks.

  • Review vendor documentation such as financial reports, security certifications, and compliance attestations.

  • Perform ongoing monitoring of vendor performance, risk indicators, and adherence to contractual and regulatory requirements.


3. Compliance & Governance

  • Ensure all third-party engagements comply with applicable laws, regulations, and internal policies.

  • Maintain accurate and up-to-date vendor risk records and documentation for audit and regulatory purposes.


4. Stakeholder Collaboration

  • Work closely with business units, IT, legal, procurement, and compliance teams to identify, assess, and mitigate risks throughout the vendor lifecycle.

  • Provide risk insights and recommendations to internal stakeholders for informed decision-making.


5. Risk Mitigation & Remediation

  • Identify potential vendor-related risks and coordinate with internal and external parties to develop risk mitigation plans.

  • Monitor remediation efforts to ensure timely closure of identified issues or control gaps.


6. Reporting

  • Prepare and deliver vendor risk reports to management and key stakeholders, highlighting trends, risk ratings, and emerging issues.

  • Support data collection and analysis for management dashboards and regulatory submissions.


7. Vendor Lifecycle Management

  • Assist in vendor onboarding, due diligence, contract review, ongoing monitoring, and offboarding processes.

  • Ensure consistent application of risk criteria across all stages of the vendor lifecycle.




Skills, Knowledge and Expertise


  • Bachelor’s degree in Risk Management, Business Administration, Finance, IT, or a related field.
  • 2–4 years of relevant experience in third-party risk management, vendor management, or operational risk.
  • Knowledge of regulatory requirements (e.g., ISO 27001, PDPL, GDPR, PCI-DSS) and risk frameworks.
  • Strong analytical, organizational, and communication skills.
  • Proficiency in MS Office, GRC tools, or TPRM platforms.

Key Skills
Risk ManagementVendor ManagementOperational RiskRegulatory RequirementsAnalytical SkillsOrganizational SkillsCommunication SkillsMS OfficeGRC ToolsTPRM Platforms
Categories
Finance & AccountingManagement & LeadershipConsultingData & AnalyticsSecurity & Safety
Apply Now

Please let Tabby know you found this job on InterviewPal. This helps us grow!

Apply Now
Prepare for Your Interview

We scan and aggregate real interview questions reported by candidates across thousands of companies. This role already has a tailored question set waiting for you.

Elevate your application

Generate a resume, cover letter, or prepare with our AI mock interviewer tailored to this job's requirements.

Tailor my ResumeWrite my cover letterFind Your Cover Letter