Mindboxgroup
Risk Analyst
Job description
At Mindbox we connect top IT talents with technology projects for leading enterprises across Europe.
As a Third-Party Risk Analyst , you will play a critical part in protecting Equinix from third-party cybersecurity and operational risks. This role involves executing risk-based due diligence , monitoring supplier security posture , and supporting Equinix’s Third-Party Risk Management (TPRM) program in line with industry and regulatory standards.
Sounds like your kind of challenge?
What you'll be doing
- Risk Assessment & Due Diligence
- Perform cybersecurity and risk assessments on third parties using standardized industry frameworks
- Evaluate supplier security posture, controls, and compliance with Equinix standards
- Analyze risk across multiple domains: information security, data privacy, and business continuity
- Assign risk ratings and document findings according to TPRM standards
- Risk Identification & Issue Management
- Detect control gaps and vulnerabilities; recommend remediation plans
- Track and document remediation progress with vendors and internal teams
- Escalate high-risk findings based on defined governance thresholds
- Ongoing Monitoring
- Support continuous monitoring : threat intelligence reviews, security ratings, vendor performance updates
- Track changes in risk posture and support periodic reassessments
- Stakeholder Engagement
- Partner with Procurement, Security, Legal, and Business Units to enable risk-based decisions
- Communicate risk findings effectively to technical and non-technical stakeholders
- Program Support & Documentation
- Maintain accurate and auditable records of assessments and decisions
- Ensure compliance with TPRM policies, industry standards, and regulations (e.g., DORA, NIST, ISO)
- Support audits and regulatory reviews with necessary documentation
Note: Detailed project information will be shared during the recruitment process.
What you get in return
- Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
- Hybrid work setup – remote days available depending on the client’s arrangements - 2 days a week from the office in Warszawa
- Collaborative team culture – work alongside experienced professionals eager to share knowledge
- Continuous development – access to training platforms and growth opportunities
- Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
- High quality equipment – laptop and essential software provided
Who we're looking for Required Skills
- 3–5 years’ experience in risk management, cybersecurity risk, or IT risk
- Expertise in conducting vendor cybersecurity assessments and due diligence reviews
- Knowledge of frameworks: NIST, ISO 27001, SOC 2
- Strong analytical and problem-solving skills
- Ability to assess risk under uncertainty and propose actionable solutions
- Excellent written and verbal communication skills
Nice to Have
- Experience in tech, financial services, or regulated environments
- Familiarity with regulatory standards: DORA, GDPR, SOX
Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.
Ready to take the next step? Submit your application! We look forward to reviewing your profile 😊
Know someone who might be a great fit? Feel free to share this opportunity using the referral link: Mindbox Referrals System


