Role: Third-Party Risk Management Analyst
Location:100% Remote
Duration:12+ Months
Job Summary:
The Third-Party Risk Management (TPRM) Analyst will support the Third-Party Cyber Risk Management (TPCRM) program by conducting cybersecurity risk assessments, managing risk remediation activities, and enhancing risk management processes through automation and governance tools. This role combines cybersecurity risk analysis with project coordination to ensure third-party risks are effectively identified, assessed, and mitigated.
Key Responsibilities:
Lead and support third-party cyber risk initiatives across the full lifecycle, including planning, execution, reporting, and continuous monitoring.
Perform cybersecurity risk assessments of third-party vendors, identify control gaps, and provide clear, actionable recommendations.
Conduct standardized inherent risk assessments and validate risk ratings, control evaluations, and remediation strategies.
Track and monitor remediation efforts, ensuring timely closure and alignment with organizational risk tolerance.
Utilize Governance, Risk, and Compliance (GRC) tools to streamline risk workflows, reporting, and documentation.
Collaborate with cybersecurity, procurement, legal, internal audit, and business stakeholders to ensure consistent third-party risk management practices.
Support continuous improvement initiatives by identifying process inefficiencies and recommending automation or tooling enhancements.
Provide cybersecurity awareness and risk education to internal teams and third-party partners.
Prepare dashboards, reports, and metrics to communicate third-party risk posture to leadership.
Leverage AI-driven platforms and industry insights to optimize assessment workflows and enhance risk mitigation.
Required Skills and Competencies:
Strong understanding of cybersecurity fundamentals, threats, vulnerabilities, and controls.
Knowledge of risk assessment methodologies and security frameworks such as NIST, ISO 27001, or SOC 2.
Ability to assess and document third-party cyber risks and control gaps.
Project coordination and organizational skills with the ability to manage multiple initiatives.
Strong analytical, problem-solving, and process improvement capabilities.
Excellent written and verbal communication skills with the ability to present technical risk to non-technical stakeholders.
High attention to detail and ability to maintain accurate risk records.
Familiarity with AI-enabled tools for risk identification and workflow optimization is a plus.
Qualifications:
Bachelors degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
13 years of experience in cybersecurity, IT risk, compliance, third-party risk management, or related domain.
Experience working in cross-functional environments supporting risk or security initiatives.
--
--
Thanks & Regards,
Pallavi Reddy| Technical Recruiter
Thoughtwave Software and Solutions
Desk: , EXTN:167
Email:
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10334366
- Position Id: twss20260225R31
- Posted 2 hours ago