Sr Third-Party Risk Analyst

Hybrid • Posted 7 hours ago • Updated 4 hours ago
Contract W2
Remote
$75.00/hr

Job Details

Skills

  • SOC 2
  • PCI DSS
  • CISSP
  • third-party risk management
  • TPRM
  • vendor risk assessment
  • cybersecurity risk
  • ISO 27001
  • NIST CSF
  • FedRAMP
  • CRISC
  • CISM
  • CISA
  • vendor governance
  • information security risk
  • risk remediation
  • security questionnaire review
  • supplier risk
  • risk tiering
  • security compliance
  • OneTrust
  • risk framework
  • InfoSec
  • risk analyst
  • cyber risk

Summary

Senior Third-Party Risk Analyst

Top 3 Skills

  • Third-Party Risk Management (TPRM) - hands-on vendor assessment lifecycle from intake through remediation
  • Security framework fluency - SOC 2, ISO 27001, NIST CSF, FedRAMP, PCI DSS
  • Risk communication - ability to translate complex findings for both technical teams and executive stakeholders

What You'll Do

  • Lead end-to-end risk assessments for new and existing vendors, covering cybersecurity posture and regulatory compliance
  • Review vendor-submitted security questionnaires, SOC 2 reports, ISO certifications, and audit documentation
  • Coordinate directly with vendors to validate security controls and drive remediation timelines
  • Classify vendors into risk tiers and maintain a live vendor risk database
  • Partner with Procurement, Legal, Privacy, and InfoSec on contract reviews and supplier security standards
  • Monitor ongoing supplier risk profiles and flag changes that require escalation
  • Identify automation opportunities within the assessment workflow to reduce manual overhead
  • Contribute to broader InfoSec risk initiatives beyond the vendor program

What We Need From You

  • 6+ years in third-party risk assessment, vendor governance, or information security risk management
  • Working knowledge of ISO 27001/2, SOC 2, NIST CSF, FedRAMP, and PCI DSS
  • Experience managing multiple concurrent vendor assessments without dropping the ball
  • Strong written and verbal communication - you can brief a CISO and a procurement manager in the same day
  • Bachelor's degree in Cybersecurity, Information Security, Risk Management, Computer Science, or a related field

Bonus If You Have

  • Active certifications: CISA, CISM, CISSP, or CRISC
  • Exposure to ISO 27017/27018 cloud security extensions
  • Experience with Coupa, OneTrust, JIRA, or Coverbase

A Few Things to Know

  • You'll be expected to build cross-functional relationships across multiple internal teams
  • This role sits within a dedicated TPRM function - you won't be context-switching into unrelated IT work
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 91135125
  • Position Id: 2026-2826
  • Posted 7 hours ago

Company Info

About ElevaIT Solutions

We’re a Service-Disabled Veteran-Owned Workforce Solutions Company, and we operate from the belief that DE&I hiring initiatives empower companies with a competitive edge.  

But we’re more than talk: across boundaries of race, gender, sexual orientation, disability, and veteran status, ElevaIT is proud of our own deeply inclusive team.

We work with you to procure diverse talent on sensitive timelines, and to fulfill broader visions for your company’s culture. As an organization with our own dynamic and diverse staff, we’re experts in solving your greatest human capital needs.
