CrawlJobs Logo

Cybersecurity Third-Party Risk Analyst

https://www.circlek.com Logo

Circle K

Location Icon

Location:
United States , Tempe

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a detail-oriented and security-conscious Cybersecurity Third-Party Risk Analyst to assess and mitigate risks associated with third-party vendors and service providers. This role is crucial in ensuring that external partnerships align with our security policies, industry regulations, and best practices. The ideal candidate will have experience in cybersecurity, risk assessment, and vendor management.

Job Responsibility:

  • Conduct comprehensive security assessments of third-party vendors to identify potential risks and vulnerabilities
  • Evaluate vendor security policies, procedures, and controls to ensure compliance with company and industry standards
  • Develop and maintain third-party cybersecurity risk management (TPCRM) frameworks, policies, and procedures
  • Work closely with procurement, legal, and cybersecurity compliance teams to integrate security requirements into vendor contracts
  • Monitor vendor security performance using automated tools, questionnaires, and periodic audits
  • Stay updated on cybersecurity threats, regulatory requirements, and best practices for third-party risk management
  • Collaborate with internal teams to address security concerns related to third-party vendors
  • Maintain foundational documentation related to the third-party process
  • Provide recommendations and remediation guidance to vendors with identified security gaps.

Requirements:

  • Bachelor’s degree in cybersecurity, information technology, risk management, or a related field
  • 2-4 years of experience in cybersecurity risk assessment, vendor risk management, or a similar role
  • Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, SOC 2, CIS, GDPR, HIPAA)
  • Familiarity with third-party risk management platforms and security assessment tools
  • Ability to analyze security reports and communicate risk findings effectively
  • Strong problem-solving skills and attention to detail
  • Excellent verbal and written communication skills.

Additional Information:

Job Posted:
April 24, 2025

Work Type:
On-site work
Icon
Circle K - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cybersecurity Third-Party Risk Analyst

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Third-Party Risk Analyst

As a Third-Party Risk Analyst, you will be responsible for evaluating, monitorin...
Location
Location
United States , Baltimore
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Risk, Business, Business Technology, Cybersecurity, or a related field
  • 2+ years of experience in third-party risk management, vendor management, procurement, internal audit
  • Strong understanding of third-party risk management principles, methodologies, and best practices
  • Detail-oriented and organized, with the ability to manage multiple priorities and deadlines in a fast-paced environment
  • Proficiency in using risk management tools, software, and technologies to support third-party risk assessment and monitoring activities
  • Excellent analytical, problem-solving, and critical-thinking skills, with the ability to assess complex situations and make informed risk-based decisions
  • Effective communication and interpersonal skills, with the ability to collaborate with stakeholders at all levels of the organization
Job Responsibility
Job Responsibility
  • Conduct comprehensive risk assessments of third-party vendors and service providers
  • Review and analyze third-party contracts, agreements, and security documentation
  • Develop and implement risk mitigation strategies and action plans
  • Monitor and track third-party risk indicators
  • Collaborate with internal audit, compliance, and information security teams
  • Collaborate with procurement, legal, and business units
  • Conduct periodic reviews and audits of third-party vendors
  • Provide regular reporting and updates to senior management, the board of directors, and other stakeholders
  • Stay informed about industry trends, emerging risks, and best practices in third-party risk management
What we offer
What we offer
  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in company 401(k) plan
  • Fulltime
Read More
Arrow Right

Cybersecurity Analyst

We are looking for a Cybersecurity Analyst who will be in charge with handling t...
Location
Location
Romania , Bucharest
Salary
Salary:
Not provided
https://www.inetum.com Logo
Inetum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3-5 years’ experience in IT security/networking environment
  • Proven experience in risk analysis and third-party security processing
  • Good knowledge of Information Security
  • Good command of Microsoft Office
  • Fluent in French and medium English
  • Understanding of Risk assessment
  • ISO27001 / ISO27005 knowledge would be a plus
  • High level of attention to detail and ability to retrieve and work with information from different tools and applications
  • Fast and independent learner, able to work both with and without fixed procedures
  • Communication skills to liaise with various stakeholders and share knowledge within the team
Job Responsibility
Job Responsibility
  • Realization of security deliverables ordered by the security correspondent and CISO
  • Interact with other Group entities on security topics/requests
  • Handling specific AWS cloud security alerts
  • Handling exception management requests regarding website access, application installation, route opening received via email & ticketing tools
  • Handling any other security related requests that fall into the scope of the job
  • Participating in the realization of monthly and quarterly reports
  • Proposing ideas for improving the internal procedures to make them more efficient
What we offer
What we offer
  • Full access to foreign language learning platform
  • Personalized access to tech learning platforms
  • Tailored workshops and trainings to sustain your growth
  • Medical subscription
  • Meal tickets
  • Monthly budget to allocate on flexible benefit platform
  • Access to 7 Card services
  • Wellbeing activities and gatherings
  • Fulltime
Read More
Arrow Right

Compliance Analyst

insightsoftware is seeking a detail-oriented and proactive Compliance Analyst to...
Location
Location
United States , Remote
Salary
Salary:
Not provided
insightsoftware.com Logo
insightsoftware
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in information security, Cybersecurity, Computer Science, Risk Management, Legal Studies, Business Administration, or related field
  • Minimum 3+ years of experience in compliance program management, risk management, or information security roles, preferably in regulated industries or technology companies
  • Demonstrated experience responding to third-party risk assessments, security audits, customer security questionnaires, RFPs, and compliance due diligence requests
  • Working knowledge of regulatory frameworks and standards (e.g., ISO 27001, SOC 2 (Type II), NIST, FedRAMP, CMMC, PCI DSS, GDPR, CCPA), trade control regulations (EAR, ITAR), anti-bribery/corruption laws (FCPA, UK Bribery Act), and data privacy principles
  • A strong knowledge of at least one regulatory framework governing matters pertaining to data privacy, cybersecurity, trade compliance, or third-party risk management
  • Experience with third-party screening tools and vendor risk management platforms
  • Familiarity with GRC or data protection management platforms (e.g., OneTrust, ServiceNowMetricStream)
Job Responsibility
Job Responsibility
  • Support the development, implementation, and maintenance of a global compliance program, including trade compliance, anti-bribery/corruption, anti-trust, and business ethics
  • Conduct secondary screening of third parties (vendors, partners, customers) , and assess potential matches against government watchlists of denied, debarred, sanctioned, or restricted parties to ensure compliance with applicable trade compliance, export control and sanctions regulations (e.g., U.S. Department of the Treasury Office of Foreign Assets Control ("OFAC"), U.S. Department of Commerce Bureau of Industry and Security ("BIS"), U.K. Office of Financial Sanctions Implementation ("OFSI"), European Union, and United Nations)
  • Assist with export classification determinations and licensing requirements for software products and services, including evaluation of Export Control Classification Numbers ("ECCNs")
  • Support the company's compliance with applicable data protection regulatory frameworks (e.g., GDPR, CCPA)
  • Support the Corporate Counsel, Data Privacy, AI, Cybersecurity with data protection initiatives and obligations including data mapping exercises, processing activity records, and privacy impact assessments, and coordinate responses to data subject access requests ("DSARs") and privacy-related inquiries
  • Support privacy management tools and platforms for consent management and privacy workflow automation
  • Partner with company counsel, InfoSec, and other stakeholders with compliance audits, data privacy questionnaires, and third-party risk assessment processes including vendor due diligence and ongoing monitoring
  • Support risk and control self-assessments ("RCSA"), audit management, and remediation tracking
  • Collaborate with stakeholders including the Chief Information Security Officer ("CISO") and the team to quantify, monitor, and report on security and compliance performance
  • Maintain GRC platforms (e.g., ServiceNow, Archer, MetricStream) to track compliance activities, risks, and controls
Read More
Arrow Right

Risk & Information Security Associate Analyst

We are looking for a highly organized, detail-oriented Risk & Information Securi...
Location
Location
Cyprus , Nicosia
Salary
Salary:
Not provided
www-ap.albourne.com Logo
Albourne
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–3 years of professional experience
  • Excellent organizational skills with the ability to manage multiple workstreams and meet deadlines in a dynamic environment
  • Strong written and verbal communication skills, including the ability to prepare concise, well-structured documents and interact professionally across all levels of the business
  • Meticulous attention to detail, particularly in preparing audit materials, compliance documentation, and reviewing access controls
  • Proactive and self-motivated, able to work independently and across time zones without direct daily supervision
  • Comfortable handling sensitive and confidential information with discretion
  • Interest in technology, cybersecurity, and enterprise risk
  • Basic understanding of information security principles and frameworks (e.g., ISO 27001, NIST)
  • Ability to interpret and work with structured information (e.g., policies, risk registers, audit plans)
  • Capable of coordinating inputs from multiple stakeholders and compiling them into coherent outputs (e.g., committee papers, training summaries, client DDQs)
Job Responsibility
Job Responsibility
  • Monitor and report on the effectiveness of information security controls
  • Support the identification, tracking, and resolution of security incidents or weaknesses
  • Assist in maintaining security metrics and dashboards for internal reporting
  • Contribute to the assessment of operational, technology, and third-party risks
  • Assist in evaluating controls and proposing mitigation strategies aligned with risk appetite
  • Participate in internal audits and control testing, ensuring timely remediation of findings
  • Help maintain and enforce security and risk management policies and procedures
  • Support compliance with relevant data protection, privacy, and information security regulations
  • Coordinate periodic user access reviews and assist with awareness initiatives
  • Work across departments to gather risk-related information and support secure business operations
What we offer
What we offer
  • Support for professional qualifications (such as CFA and CAIA)
  • Career growth and tools for ongoing learning and development
  • Medical insurance for you and your dependents
  • Provident fund
  • Yearly bonus dependent upon performance and company growth
  • Opportunity for international travel (i.e., short periods of secondment to other Albourne offices)
  • 5 additional service recognition holidays in surplus to standard annual leave
  • Albourne Training Days (minimum of 40 hours per year)
  • Free office parking
  • A supportive, diverse, and multi-cultural work environment
  • Fulltime
Read More
Arrow Right

Security GRC Analyst

Juni is seeking a Security GRC (Governance, Risk, and Compliance) Analyst to pla...
Location
Location
Sweden , Stockholm; Gothenburg
Salary
Salary:
Not provided
juni.co Logo
Juni
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2 to 4 years of experience in information security governance, risk, or compliance roles
  • Demonstrated experience with compliance frameworks and regulations (e.g., PCI DSS, ISO 27001, GDPR, PSD2, EBA outsourcing and DORA)
  • Degree in Cybersecurity or Information Systems or similar
  • Knowledge of security frameworks (e.g., CIS Controls, NIST CSF)
  • Solid understanding of risk assessment methodologies and hands-on experience with risk registers and third-party risk management
  • Experience in coordinating activities for security certifications and audits
  • Ability to develop and track security metrics (KPIs)
  • Strong analytical, problem-solving, and organisational skills
  • Excellent communication skills, comfortable presenting to various stakeholders
  • A proactive and independent worker who is also a strong team player
Job Responsibility
Job Responsibility
  • Maintain and update core security documentation, including policies, procedures, and instructions, ensuring they remain current and relevant
  • Identify, collect, and analyse data to track key security performance indicators (KPIs) and metrics, generating reports and dashboards to communicate security performance to stakeholders
  • Maintain the risk register and support daily risk management activities with growing independence
  • Follow up on the remediation of risks identified in new projects, third-party engagements, and other business initiatives
  • Conduct thorough security posture assessments of new vendors and perform periodic reviews of existing ones
  • Support our 3rd party procurement process
  • Monitor the implementation and effectiveness of security controls across the organisation
  • Coordinate and support activities to maintain key security certifications, including PCI-DSS and ISO 27001
  • Coordinate and support the implementation of remediation plans to address identified compliance gaps
  • Provide support in responding to security-related questions during partner due diligence and assist in providing necessary information for cyber insurance renewals
What we offer
What we offer
  • Work hybrid
  • Meet all Junis IRL at the company onsite each year
  • Diversity is at our core
  • Progress your career whether you choose to manage people or not
  • Stock options
  • Vacation 30 days
  • Private Health insurance
  • Beautiful offices in central Gothenburg and Stockholm, front row sea view
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Risk & Compliance Analyst

The Senior Cybersecurity Risk & Compliance Analyst is responsible for executing ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
kennametal.com Logo
Kennametal
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in information security, Information Systems, Computer Science, or related field
  • 5–8 years of experience in cybersecurity risk management, GRC, or enterprise risk roles
  • Demonstrated hands-on experience conducting formal cybersecurity risk assessments
  • Working knowledge of major cybersecurity frameworks (NIST RMF, NIST CSF, ISO 27001)
  • Strong written and verbal communication skills with the ability to brief technical and non-technical audiences
Job Responsibility
Job Responsibility
  • Lead structured cybersecurity risk assessments across business, IT, and OT environments
  • Perform qualitative and quantitative risk analysis using recognized methodologies (e.g., NIST 800-30, FAIR, OCTAVE)
  • Maintain cybersecurity risk register entries, including risk statements, impact analysis, likelihood assessments, and remediation tracking
  • Monitor and report the status and effectiveness of risk mitigation plans
  • Develop and present cybersecurity risk status metrics and summaries for leadership review
  • Serve as a subject-matter expert for cybersecurity risk identification and treatment guidance
  • Identify confidentiality, integrity, and availability (CIA) requirements for information assets
  • Support Kennametal’s information classification and data protection programs
  • Provide risk-based input into data protection controls, including Data Loss Prevention (DLP) strategies
  • Advise stakeholders on appropriate handling, labeling, and protection of sensitive data
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Poland Jobs Ireland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy