** This role is not eligible for sponsorship AND is four days onsite hybrid at our N. Scottsdale office **
Job Summary
The Third Party Risk Management (TPRM) Analyst II supports the execution and continuous improvement of Choice’s Third Party Risk Management program. This role performs vendor risk assessments, evaluates control effectiveness, reviews supporting evidence, monitors remediation activities, and helps ensure third‑party partners meet Choice’s security, privacy, and compliance requirements.
The Analyst II operates with moderate autonomy, applying strong analytical, communication, and collaboration skills to solve problems, influence outcomes, and execute consistently in alignment with Choice’s expectations for adaptability and operational excellence.
Organization & Role Context
This is an individual contributor role within the Information Technology Risk Management organization. The position reports to the Senior Manager, GRC and partners closely with Technology, Internal Audit, Legal, Procurement, Privacy, and business unit stakeholders to support third‑party risk oversight across the enterprise.
Primary Duties & Accountabilities
Third‑Party Risk Assessments
- Conduct inherent and residual risk assessments for new and existing third‑party vendors.
- Perform security, privacy, and compliance assessments using standardized questionnaires and industry frameworks (e.g., SOC 2, SIG, ISO 27001, NIST).
- Review and analyze vendor‑provided documentation and evidence for adequacy, completeness, and control effectiveness.
- Document assessment results, identify risk gaps, and recommend remediation actions aligned with defined standards.
- Ensure assessments are completed in accordance with internal procedures and execution expectations.
Vendor Monitoring & Issue Management
- Track vendor remediation plans and validate closure of corrective actions.
- Monitor high‑risk vendors for changes in risk posture, control effectiveness, or material issues.
- Maintain centralized records, reporting, and dashboards to support ongoing oversight.
- Support periodic vendor reviews and recurring reassessment cycles.
Process Documentation & Governance Support
- Contribute to updates of TPRM procedures, workflows, and program documentation.
- Support internal and external audits by gathering evidence and documenting processes.
- Ensure program activities align with Choice’s governance standards and risk expectations.
Cross‑Functional Collaboration & Communication
- Partner with Legal, Procurement, Technology, Privacy, and business units to determine appropriate risk requirements for vendor engagements.
- Communicate assessment results, risk issues, and required next steps clearly to stakeholders.
- Provide guidance to internal partners on vendor intake forms and required risk documentation.
- Participate in vendor onboarding and review meetings as needed.
Continuous Improvement & Professional Development
- Stay current on third‑party risk trends, regulatory requirements, and industry best practices.
- Identify incremental improvements to assessment workflows and vendor experience.
- Pursue relevant TPRM, information security, or GRC training and certifications to support professional growth.
Qualifications
Education
- Bachelor’s degree in Information Security, Information Technology, Business, Risk Management, or a related field or an equivalent combination of education and relevant work experience.
Experience
- 2–4 years of experience in third‑party/vendor risk management, IT risk, cybersecurity, compliance, or GRC.
- Experience reviewing SOC reports, security questionnaires, and vendor compliance evidence preferred.
- Familiarity with frameworks such as SOC 2, ISO 27001, NIST, PCI, and SIG beneficial.
Skills & Competencies
- Strong analytical skills with the ability to interpret technical security documentation and identify risk gaps.
- Solid problem‑solving and decision‑making capabilities.
- Effective written and verbal communication skills, with the ability to explain risk concepts to non‑technical audiences.
- Ability to manage work independently while collaborating effectively across teams.
- High attention to detail with strong organizational and documentation skills.
- Ability to adapt to change and shifting priorities, consistent with Analyst II / mid‑level IC expectations.
Salary Range
The salary range for this position is $81,000 to $95,000 annually.
The pay range listed is for this position and is what Choice Hotels reasonably expects to pay. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee’s pay position within the pay range will be based on several factors including, but not limited to, relevant education, qualifications, qualifications, qualifications, certifications, experience, skills, seniority, geographic location, performance, shift, travel requirements, sales or revenue-based metrics, and business or organizational needs.
**This role is not eligible for sponsorship**
#LI-Onsite
Choice prioritizes our associate wellbeing by offering a comprehensive benefits program that is both competitive and flexible to help you achieve your wellbeing goals - here are just a few:
- Competitive compensation and benefits, including medical, dental, and vision coverage
- Leave and paid time-off for holidays, vacation, personal, family, volunteer, sick, jury duty, bereavement, military, and religious observance
- Financial benefits for retirement and health savings
- Employee recognition programs
- Discounts at Choice hotels worldwide
About Choice
Choice Hotels International, Inc. (NYSE: CHH), is one of the largest lodging franchisors in the world. With 7,500 hotels in 45+ countries and territories, we offer a range of high-quality lodging options in the upper upscale, upper midscale, midscale, extended stay, and economy segments. We’re the hotel company for those who choose to bet on themselves — the striver, the dreamer, the entrepreneur — because that’s who we are, too.
At Choice, we are united by the simple belief that tomorrow will be even better than today — for associates, our company, and our franchisees. At our worldwide corporate headquarters in North Bethesda, Maryland, at our technology center in Scottsdale, Arizona, and through our associates around the globe, every voice is heard and every idea is listened to, no matter what area of the company they come from. We are united in supporting the entrepreneurial dreams of our thousands of franchise owners, which propels us forward — giving our work at Choice a purpose larger than our business.
Our corporate office locations:
North Bethesda, MD — Located at Pike & Rose, our worldwide headquarters is less than 15 miles from Washington, D.C., one block away from the North Bethesda Metro station, with easy access to I-495, complimentary parking, electronic charging stations, restaurants and retail.
Scottsdale, AZ — Located at the northwest corner of Loop 101, the Scottsdale office is home to our technology, eCommerce and customer service organizations, with easy access to complimentary parking, electronic charging stations, restaurants and retail.
Minneapolis, MN — Select roles are based in our Minneapolis office on Highway 394, near the intersection with Highway 100, only five minutes from downtown.
Field/Remote — Select roles designated as field/remote will require associates to work from a home office, connecting virtually with Choice team members and leadership on Zoom, with possible required travel depending on the role.
Choice’s Cultural Values
Welcome and Respect Everyone | Be Bold | Be Quick | Listen | Be Curious | Show Integrity
Choice’s Leadership Principles
Act with Intention | Lead with Authenticity | Grow & Deliver