CrawlJobs Logo
Robert Half Logo Robert Half · IT - Administration

Third-Party Risk Analyst

United States, Los Angeles Employment contract 120000.00 - 140000.00 USD / Year · Job Posted June 15, 2026
Apply Position
Job Link Share

Job Description

The Third-Party Risk Analyst plays a critical role in safeguarding the organization's ecosystem by evaluating the security posture of external vendors and partners. This role focuses on conducting technical risk assessments across SaaS platforms, cloud environments, and hosted services while ensuring compliance with industry standards and client expectations. Based remotely, this position partners closely with IT security leadership and cross-functional stakeholders to mitigate risk and strengthen third-party security practices.

Job Responsibility

  • Conduct technical security assessments of third-party vendors across SaaS platforms, cloud infrastructure, and hosted services
  • Evaluate vendor security controls, including access management, encryption, and data protection practices
  • Review vendor documentation such as SOC 2 reports, ISO certifications, and security testing results
  • Assess cloud environments (AWS, Azure, GCP) for security configurations, segmentation, and identity controls
  • Analyze API security, including authentication methods, data transmission, and vulnerability risks
  • Evaluate DevSecOps maturity, including secure development practices and CI/CD pipeline security
  • Track and manage vendor risk findings, ensuring remediation efforts are completed in a timely manner
  • Support client-facing security activities, including questionnaires, audits, and compliance reviews
  • Collaborate with internal stakeholders to align vendor security with regulatory requirements (e.g., GDPR, CCPA)
  • Prepare risk reports and present key findings to leadership and cross-functional teams

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
  • Minimum 3+ years of experience in a technical security or third-party risk role
  • Hands-on experience with cloud security (AWS, Azure, or GCP)
  • Experience assessing SaaS applications and vendor security controls
  • Strong understanding of security frameworks such as NIST, ISO 27001, CIS Benchmarks, and SOC 2
  • Familiarity with identity and access management (IAM), SSO, and role-based access controls
  • Excellent communication skills with the ability to convey technical concepts to diverse audiences
  • Strong organizational and analytical skills in a fast-paced environment

Nice to have

  • Professional services or legal industry experience
  • Security certifications such as CISSP, CISA, CCSP, CRISC, or similar
  • Experience with API security, DevSecOps, and secure software development practices
  • Knowledge of data privacy regulations and cross-border data handling requirements
  • Experience supporting client audits and security questionnaires

What we offer

  • Discretionary bonus eligibility
  • Medical, dental, and vision coverage
  • Flexible spending accounts (FSA)
  • 401(k) with profit sharing
  • Paid time off including vacation, sick leave, and personal days
Robert Half - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Third-Party Risk Analyst

8 matching positions

Senior Analyst, Third-Party Risk – Knowledge Management

This role is accountable to execute against the team’s knowledge management stra...
Location
Location
Canada , Toronto
Salary
Salary:
55.63 USD / Hour
https://www.randstad.com Logo
Randstad
Expiration Date
July 26, 2026
Flip Icon
Requirements
Requirements
  • 1+ year supporting a Supplier Management, Risk Management, or Procurement team
  • 3+ years in an online marketing, communications or content management role
  • 3+ years using online collaborative tools / social media platforms (ie – web content management systems, chat bots, AI tools, Sharepoint etc)
  • 3+ years of advanced HTML knowledge
  • BA Degree in Marketing or Communications or a related field
Job Responsibility
Job Responsibility
  • Partner with Brand, Design and Digital teams to ensure appropriate content governance is achieved with organizational messaging of third-party risk practices
  • Optimize how third-party risk materials managed by the team is updated, stored, shared and communicated
  • Support team strategic communication content with initiatives and events while overseeing multiple project deliverables
  • Support the creation and or delivery of third-party risk online content as it relates to key messages and newsletters
  • Provide advice and counsel with third-party risk content approaches in support of communication initiatives
  • Exercise good judgment in identifying and responding to complex third-party risk issues or inquiries impacting the team and demonstrate leadership in developing timely responses that protect team reputation and supports team strategies
  • Apply frequent reviews of the team's online third-party risk content to ensure respective information is relevant and up to date
  • Proficient with writing, proofreading and editing with proven experience in planning, developing and delivering on strategic communications
  • Aligns the objectives and execution of team initiatives with overall organization and enterprise third-party risk objectives, strategies and context
  • Seeks out industry trends and organizational knowledge to understand the possibility of alternative approaches and solutions
What we offer
What we offer
  • Competitive Salary
  • 37.5 hrs weekly
  • 15 mins break am, 15 mins break pm, 1 hr lunch break
  • Potential of extension/Conversion
  • Fulltime
Read More
Arrow Right

Third Party Risk Analyst

We are looking for a Third Party Risk Analyst to support vendor risk evaluation ...
Location
Location
United States , Columbus
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 2 years of experience in a third-party risk, vendor risk, or a closely related risk management role
  • Demonstrated ability to conduct inherent risk reviews and evaluate control effectiveness
  • Strong Excel skills with the ability to analyze data, organize assessment details, and produce clear reporting
  • Working knowledge of residual risk concepts, enterprise risk management principles, and risk-based decision-making
  • Experience in business analysis and gap analysis within a compliance, risk, or governance environment
  • Strong written and verbal communication skills with the ability to work effectively across teams
  • Exposure to platforms such as Archer, Ariba, or Coupa is preferred but not required.
Job Responsibility
Job Responsibility
  • Coordinate the onboarding of prospective vendors by initiating and managing third-party risk assessments from intake through completion
  • Review vendor information to determine risk exposure levels and assign appropriate ratings based on established assessment criteria
  • Perform inherent risk and control evaluations to identify areas requiring deeper review or follow-up analysis
  • Escalate higher-risk findings when additional due diligence or supplemental assessments are necessary
  • Partner with internal stakeholders to gather documentation, clarify risk factors, and support timely assessment outcomes
  • Track assessment progress, organize findings, and maintain clear reporting using Excel and other available tools
  • Contribute to gap analysis activities by identifying weaknesses in vendor controls and documenting potential residual risk
  • Support enterprise risk management efforts by helping align third-party reviews with broader organizational risk standards
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • company 401(k) plan
Read More
Arrow Right

Third Party Risk Analyst

A nationally recognized professional services organization is seeking a Third Pa...
Location
Location
United States , Westwood
Salary
Salary:
140000.00 USD / Year
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience in Third Party Risk, Information Security, Cybersecurity, or Vendor Risk Management
  • Strong technical understanding of: SaaS and cloud security environments
  • API security concepts
  • Identity & Access Management (IAM)
  • Single Sign-On (SSO)
  • Encryption and key management
  • Vulnerability management
  • Security incident response processes
  • Experience conducting technical vendor security assessments
  • Ability to communicate complex security findings to technical and non-technical audiences
Job Responsibility
Job Responsibility
  • Conduct technical third-party/vendor risk assessments and security reviews
  • Evaluate SaaS platforms, cloud environments, APIs, and third-party technologies for security risk
  • Assess and review: IAM and SSO configurations
  • Encryption and key management practices
  • Vulnerability findings and remediation efforts
  • Security controls and architecture
  • Support incident response efforts involving third-party vendors when needed
  • Analyze vendor security documentation, audit reports, and risk questionnaires
  • Partner with internal teams to improve due diligence processes and vendor risk frameworks
  • Collaborate with stakeholders across multiple departments and geographic regions
What we offer
What we offer
  • Discretionary annual bonus
  • Medical, Dental, and Vision coverage
  • Flexible Spending Account (FSA)
  • 401(k)
  • Profit Sharing Plan
  • Fulltime
Read More
Arrow Right

Third Party Risk Analyst

As a TPRM (Third Party Risk) Analyst at OnePay, you will play a critical role in...
Location
Location
United States
Salary
Salary:
125000.00 - 190000.00 USD / Year
onepay.com Logo
OnePay
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in information security, vendor risk management, or related technical risk roles
  • Strong understanding of security frameworks and certifications (SOC 2, ISO 2700x, NIST, etc.)
  • Familiarity with authentication, disaster recovery, and infrastructure security concepts
  • Ability to interpret and challenge vendor-provided attestations and control summaries
  • Comfort reviewing contracts and identifying clauses impacting data handling or access control
  • Excellent communication and analytical skills, with the ability to ask critical questions and present findings clearly
  • Drive and proactivity – everyone here is a builder and executor
Job Responsibility
Job Responsibility
  • Conduct vendor risk reviews and evaluate third-party attestations such as SOC 2, ISO 2700x, and other security certifications
  • Analyze vendor contracts and identify potential risk clauses or data security implications
  • Support annual high-risk vendor audits and maintain documentation to meet compliance requirements
  • Collaborate cross-functionally with Legal, Procurement, Engineering, and Compliance teams to assess risk exposure and mitigation plans
  • Provide technical insight into vendor integrations, authentication, and infrastructure security controls
What we offer
What we offer
  • Offers Equity
  • Fulltime
Read More
Arrow Right

Third Party Risk Analyst

Our team members are at the heart of everything we do. At Cencora, we are united...
Location
Location
Colombia , Bogota
Salary
Salary:
Not provided
cencora.com Logo
Cencora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree – required
  • 3-5 years of work experience in similar position
  • Strong understanding of risk management principles and practices, particularly as they relate to third party relationships
  • Familiarity with contract negotiation, invoice processing or legal terms review preferred
  • Proficiency in data analysis and the ability to assess and interpret contracts, compliance documentation, and financial statements
  • Excellent written and verbal communication skills required for reporting findings, communicating with vendors and collaborating with internal stakeholders
  • The ability to identify and mitigate risks, as well as to develop effective risk mitigation strategies
  • Self-motivated, ability to work independently, strong organizational skills
  • Ability to multitask and work in a fast paced environment
  • Consistently delivers results and meets deadlines
Job Responsibility
Job Responsibility
  • Identify, measure, and report operational and Third-Party Risk Management risks
  • Support management of third-party risk onboarding and due diligence by ensuring appropriate risk assessments are completed
  • Assist Business Owners with due diligence documentation and evaluation of third-party relationships
  • Execute issue management end-to-end activities (issue identification, prioritization, assignment, remediation, closure) for matters pertaining to third parties
  • Ensure adequate, appropriate, and current third-party risk documentation is maintained in the Third Party Risk Management Software System
  • Leverage the Third-Party Risk Management Software System as the system of record and as a reporting tool to analyze vendors for risk analysis
  • Consult with business leaders to effectively manage change when required
  • Provide risk oversight for process improvement projects, as needed
  • Liaise with senior management and Third-Party Risk Management stakeholders
  • Oversee and / or develop ongoing monitoring activities in alignment with TPRM policy
  • Fulltime
Read More
Arrow Right

Third Party Risk Analyst Lead

Individuals in Operational Risk establish and manage operational risk policies, ...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Understanding of Third Party Risk management lifecycle and risk assessment processes
  • Thought leadership and clarity in presenting ideas to senior management
  • Proven technical knowledge of resilience and Third-Party Risk principles and processes, to include up to date knowledge of current technology solutions, including Cloud
  • Experience in implementing risk processes across a large and diverse organization
  • Knowledge of regulatory requirements underpinning resilience and the Third-Party Risk Management and Outsourcing Lifecycle
  • Excellent analytical skills to interpret and present complex data
  • Proficiency in the use of MIS and other risk management tools
  • Excellent project management skills to oversee risk reviews and mitigation efforts
  • Strong communication skills to provide counsel and collaborate with various stakeholders
  • Ability to challenge and scrutinize established practices
Job Responsibility
Job Responsibility
  • Represent business leadership to coordinate and facilitate Third-Party Risk Management activities
  • Evaluate current market conditions and provide insight on trends/issues that could impact the business by external third parties
  • Advise the BAO on risk assessment for third parties and reassess as required
  • identify significant relationship changes to trigger risk assessment updates
  • Verify compliance of third parties with required policies and controls
  • Partner with business operations, technology teams, and internal functions to conduct on-site visits of third parties, as required
  • Maintain and update Citi’s Exit Strategy Plans as required
  • collaborate with business contacts to establish risk mitigation activities when the exit strategy poses significant risk to Citi
  • Interact with third parties on escalations of non-performance and contractual issues to drive resolution when appropriate
  • Monitor third party performance and Service Level Agreements (SLAs) through Citi Performance Management Assessment (PMA) process
  • Fulltime
Read More
Arrow Right

Third Party Risk Analyst

Working at Citi is far more than just a job. A career with us means joining a te...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge in risk management, particularly Resilience and Third-Party Risk Management
  • Understanding of Third-Party Management policy and procedures
  • Familiarity with risk governance structures and risk appetite parameters
  • Ability to create, apply, and analyse reports
  • Background in the implementation of third-party and resilience risk processes across various sectors and regions
  • Experience in conducting comprehensive third-party and resilience risk management reviews
  • Knowledge of relevant regulations and standards related to risk management, and ability to ensure compliance
  • Adapt to work across a diverse organisation, managing various sectors and regions
  • Utilise strong analytical skills to interpret complex data and present it in a clear and understandable manner
  • Identify and address potential risks, ensuring adherence to regulatory standards
Job Responsibility
Job Responsibility
  • Represent business leadership in Third-Party Risk Management activities coordination and facilitation
  • Evaluate market conditions and provide insight into trends that could impact the business
  • Verify third-party compliance to required policies and controls and advise on third-party risk assessments and reassessments
  • Partner with operations and tech teams for on-site visits of third parties when necessary
  • Maintain and update Exit Strategy Plans as required
  • Address escalations of non-performance and contractual issues with third parties when necessary
  • Monitor third-party performance and service level agreements
  • Ensure proper execution and upload of third-party contracts in Contract Management System
  • Review, prioritise, assess, and act on third-party risk management assessments results
  • Facilitate remediation of issues or gaps identified during ongoing monitoring
  • Fulltime
Read More
Arrow Right

Business Analyst – Third Party Risk Management

Our client, a leading organization in the financial services industry, is seekin...
Location
Location
Canada , Toronto
Salary
Salary:
40.00 - 44.00 USD / Hour
https://www.randstad.com Logo
Randstad
Expiration Date
July 17, 2026
Flip Icon
Requirements
Requirements
  • 2–5 years of experience in Third-Party Risk Management (TPRM)
  • Vendor Risk Management
  • Compliance, Audit, or Operational Risk
  • Hands-on experience conducting inherent risk assessments
  • financial due diligence reviews
  • adverse media screenings
  • Strong understanding of the vendor risk lifecycle, including onboarding, monitoring, and governance
  • Strong analytical, communication, and stakeholder management skills
  • Bachelor’s degree or equivalent professional experience
Job Responsibility
Job Responsibility
  • Conduct inherent risk assessments to evaluate third-party risks based on service criticality, data sensitivity, and regulatory impact
  • Perform financial due diligence reviews, including supplier financial health analysis and credit evaluations
  • Conduct adverse media and reputational risk screenings
  • Assess supplier risk posture and identify areas requiring mitigation or additional due diligence
  • Provide guidance and training to business stakeholders and contract owners on third-party risk management practices
  • Support ongoing supplier monitoring activities and governance reviews
  • Track and manage risk findings, policy exceptions, and remediation activities
  • Monitor supplier risk indicators including financial performance, adverse media, and emerging global risks
  • Maintain accurate risk documentation and support a consistent risk-based vendor oversight approach
  • Ensure adherence to internal TPRM policies, standards, and regulatory expectations
What we offer
What we offer
  • Opportunity to work with a well-established financial services organization
  • Exposure to enterprise-level Third-Party Risk Management initiatives
  • Collaborative and professional team environment
  • Hybrid work model with a balance of onsite and remote flexibility
  • Potential for contract extension and long-term conversion opportunities
  • Involvement in governance, compliance, and emerging risk initiatives
Read More
Arrow Right