Jobs › Senior Analyst, Procurement (Third-Party Risk & Vendor Management)
Senior Analyst, Procurement (Third-Party Risk & Vendor Management)
Role at a glance
- Category
- Risk
- Work arrangement
- On-site
- Location
- Madrid, Spain
- Posted
- Jun 22, 2026
OneTrust is hiring a Senior Analyst, Procurement (Third-Party Risk & Vendor Management) in Madrid, Spain. This is a Risk role in the governance, risk, and compliance field. Review the full details below and apply directly with OneTrust.
Strength in Trust span OneTrust’s mission is to enable innovation through the responsible use of data and AI. We believe that ensuring data is trusted shouldn’t slow teams down—it should accelerate what’s possible. This led us to develop the first technology platform for responsible data use in 2016. Today, with AI representing the latest and most impactful expansion of data yet, OneTrust is once again redefining what responsible innovation looks like. OneTrust, the AI‑Ready Governance Platform™, unifies regulatory intelligence, automation, and connected governance workflows so businesses can continue to move at the speed of AI while ensuring good governance to prevent data misuse at scale. Trusted by thousands of organizations worldwide, OneTrust is shaping the future where trusted data becomes a transformative force for business and society. span The Challenge OneTrust is looking for a Senior Analyst, Procurement focused on Third-Party Risk and Vendor Management to join our Global Procurement organization in Madrid. This role will sit at the intersection of Procurement, Trust Center / TPRM, and Strategic Sourcing, helping strengthen Procurement’s contribution to third-party risk intake, vendor governance, renewal planning, and software lifecycle management. The role is intended to be a strong individual contributor with hands-on experience in TPRM operations, Procurement workflows, and cross-functional coordination. The Senior Analyst will work closely with Trust Center / TPRM stakeholders, Strategic Sourcing, IT, Security, Legal, Finance, and business owners to improve risk visibility, intake execution, renewal readiness, utilization tracking, and vendor accountability. This role will also help mature Procurement’s operating model and provide stronger local support in Madrid, where key TPRM stakeholders are based. Your Mission Support and help mature Procurement’s role in the third-party risk lifecycle, including intake coordination, workflow follow-through, stakeholder alignment, and issue escalation. span Partner closely with Trust Center / TPRM stakeholders (Information Security, Security Architecture, Governance, Risk, and Compliance, Privacy, AI Governance, Business Integrity, ESG, and Ethics) to ensure Procurement is operating effectively within the intended process, RACI, and handoff mode. Act as a key Madrid-based Procurement partner for third-party risk requests, helping improve responsiveness, visibility, and execution quality. Coordinate
Full responsibilities and requirements are on OneTrust's application page.
Apply for this role →Location and market context
This role is based in Madrid, Spain on-site. Local candidates benefit from being close to OneTrust's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About risk management roles
Risk roles own the methodology for identifying, assessing, and escalating enterprise, operational, and technology risk. Second-line teams set risk appetite and challenge the first line. Roles like this one are typically evaluated against frameworks such as enterprise and operational risk frameworks, NIST AI RMF, and risk-appetite and escalation practices.
How to position yourself for this risk management role
Strong candidates emphasize risk assessment methodology, appetite and escalation, cross-functional partnership, and clear reporting to senior leadership and the board. In your resume and outreach, tie your experience to how OneTrust would apply enterprise and operational risk frameworks, NIST AI RMF, and risk-appetite and escalation practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location