Position Summary
Effectual is seeking an Associate Business Analyst to support a third-party risk and vendor security assurance program for a large enterprise customer. This role will work closely with the Senior Business Analyst to improve efficiency, accuracy, and visibility of third-party vendor security reviews. The Associate Business Analyst will assist with intake triage, execution of standard review workflows, vendor metadata maintenance, and day-to-day operational tasks that support third-party governance.
This position is ideal for someone early in their security career who is detail-oriented, eager to learn, and motivated to grow into more advanced risk, automation, and AI-enabled workflow capabilities over time.
Essential Duties and Responsibilities
- Support intake triage of third-party vendor requests and route cases according to established SSA workflows
- Assist with initial vendor security review steps, including documentation collection and preliminary analysis
- Maintain and enrich vendor metadata within systems such as Grip Security, Airtable, OneTrust, ZipHQ, and the Customer Software List
- Ensure accurate data entry, tagging, and quality assurance across SSA tracking tools
- Support workflow automation efforts in Jira, Airtable, and Goose under senior guidance
- Track SLAs, update review logs, and maintain operational dashboards
- Document review outcomes and maintain process guidance materials
- Participate in team training, cross-functional onboarding sessions, and continuous improvement activities
- Provide surge support during high-volume periods or when senior staff are unavailable
Qualifications
- Foundational understanding of third-party risk, SaaS applications, or security review processes
- Experience with common business and security tools (e.g., Jira, Airtable, G Suite, Slack)
- Strong attention to detail and ability to follow structured workflows
- Excellent written communication and documentation skills
- Ability to manage multiple tasks simultaneously and meet deadlines
- Willingness to learn automation technologies and AI-enabled review processes
Nice-to-Have Skills and Experience
- Exposure to vendor governance, SOC/ISO certifications, or SaaS security assessments
- Basic familiarity with Python, SQL, or lightweight scripting
- Experience with data tools such as Airtable, Snowflake, or Grip Security