1

Beyond Risk Management Jobs in Rhode Island (NOW HIRING)

... risk management and the resilience of its policyholder-owners. These owners, who share the belief ... You will lead end-to-end cybersecurity regulatory assessments and control evaluations, going beyond ...

Adhere to all bank policies and procedures, including compliance and risk management protocols to ... We know rewards go beyond numbers. Offering more than just a paycheck our benefits are designed to ...

New

... risk management and the resilience of its policyholder-owners. These owners, who share the belief ... This role goes beyond traditional internal communications with a focus on change communications and ...

... beyond your role and make an impact. While in this role, you will support the delivery of expert support and advice to the business on risk management. It is important to note that you will also ...

... risk management and the resilience of its policyholder-owners. These owners, who share the belief ... This role goes beyond traditional internal communications with a focus on change communications and ...

Certifications related to risk management and information security, e.g., CISSP, CISM, or CAP ... In addition, Arcfield invests in its employees beyond just compensation. Arcfield 's benefits ...

next page

Showing results 1-20

Beyond Risk Management information

What is the difference between Beyond Risk Management vs Risk Analyst?

AspectBeyond Risk ManagementRisk Analyst
Required CredentialsCertifications like CRM, FRM, or RIMS certificationsDegrees in finance, economics, or related fields; certifications like FRM or CRM
Work EnvironmentCorporate risk departments, consulting firms, insurance companiesFinancial institutions, consulting firms, corporate risk teams
Industry UsageUsed across industries for comprehensive risk oversightFocused on analyzing specific risks and data

While both roles involve risk assessment, Beyond Risk Management focuses on overarching risk strategies and enterprise-wide risk oversight, whereas Risk Analysts primarily analyze specific risks and data to inform decision-making. Understanding these differences helps professionals choose the right career path or role within the risk management field.

What are popular job titles related to Beyond Risk Management jobs in Rhode Island? For Beyond Risk Management jobs in Rhode Island, the most frequently searched job titles are:
What cities in Rhode Island are hiring for Beyond Risk Management jobs? Cities in Rhode Island with the most Beyond Risk Management job openings:
Infographic showing various Beyond Risk Management job openings in Rhode Island as of July 2026, with employment types broken down into 1% As Needed, 74% Full Time, 21% Part Time, and 4% Contract. Highlights an 93% Physical, 3% Hybrid, and 4% Remote job distribution.
Senior Vendor Security Risk Management Analyst

Senior Vendor Security Risk Management Analyst

FM

Johnston, RI • On-site

$106K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 7 days ago


Job description

Established nearly two centuries ago, FM is a leading mutual insurance company whose capital, scientific research capability and engineering expertise are solely dedicated to property risk management and the resilience of its policyholder-owners. These owners, who share the belief that the majority of property loss is preventable, represent many of the world's largest organizations, including one of every four Fortune 500 companies. They work with FM to better understand the hazards that can impact their business continuity to make cost-effective risk management decisions, combining property loss prevention with insurance protection.
Work Schedule
This position requires on-site work one day per week at our Corporate Headquarters and flexibility to be on-site when needed based on the demands of the business
Relocation is not offered for this position.
Position Summary
FM is seeking a Senior Information Security Analyst with deep expertise in Third-Party Risk Management (TPRM), you will play a critical role in protecting FM by assessing how external vendors, SaaS platforms, and cloud solutions interact with our systems and data. This high-impact role where your expertise in cyber risk, vendor security, and cloud architecture will help shape business decisions, strengthen our security posture, and support innovation in a secure way. This includes reviewing both the vendor's security control environment and the specific solution being implemented, with a focus on data handling, storage, and integration with internal systems.
You will partner closely with business, technology, and procurement teams to identify risks and recommend practical, business-aligned mitigation strategies.
You will lead end-to-end cybersecurity risk assessments of third-party vendors and solutions-going beyond standard due diligence to evaluate real-world risk across systems, data, and integrations.
Key Responsibilities
  • Lead end-to-end third-party solution risk assessments and vendor security reviews across the vendor lifecycle, including due diligence, onboarding, ongoing monitoring, and reassessments.
  • Evaluate vendor security programs, control effectiveness, and governance, along with deep-dive assessment of the specific product being implemented including solution architecture, data flows, and integration points.
  • Identify and communicate inherent and residual cyber risks related to data protection, privacy, IAM, privileged access, system connectivity, and external attack surface exposure.
  • Review and interpret security documentation, including SOC 1/SOC 2 reports, ISO 27001 certifications, audit reports, architecture diagrams, data flow diagrams, and technical configurations.
  • Recommend practical risk mitigation strategies, including compensating controls, secure design changes, and contractual safeguards to support risk-informed decisions.
  • Partner with business, technology, procurement, and legal teams to support risk acceptance, exception management, and third-party risk governance.
  • Contribute to the evolution of FM's third-party risk management framework, methodology, and standards in alignment with NIST, ISO 27001, NYDFS, and other applicable regulatory expectations.

Qualifications
  • 5+ years of experience in cybersecurity, information security, or cyber risk, with a background in third-party risk management (TPRM), IT risk, audit, incident response, or access management.
  • Experience assessing vendor security posture in cloud (SaaS/PaaS)and enterprise environments.

Technical Expertise
  • Strong understanding of systems, networks, application architecture, cloud security, and secure system design across AWS, Azure, SaaS, PaaS, APIs, and enterprise integrations.
  • Experience evaluating data flows, data classification, data protection, data governance, and secure data handling practices.
  • Knowledge of IAM, SSO, federation, privileged access, cyber threats, vulnerabilities, and attack methodologies.
  • Ability to interpret SOC 1, SOC 2, ISO certifications, and other third-party assurance artifacts to identify control gaps and residual risk.

Risk & Analysis:
  • Ability to identify, assess, and clearly communicate complex cyber risks, trade-offs, and residual risk.
  • Experience recommending practical, business-aligned risk based mitigation strategies, including compensating controls and secure design changes.
  • Strong analytical judgment, attention to detail, and risk-based decision-making.

Collaboration & Communication
  • Ability to translate technical findings into clear, business-relevant insights and recommendations.
  • Strong stakeholder management and partnership across business, technology, procurement, and legal teams.
  • Collaborative, solutions-focused mindset with strong influencing skills in a fast-paced assessment environment.
  • High degree of professional skepticism and curiosity when evaluating vendor claims and evidence
  • Ability to manage multiple priorities independently while maintaining quality and consistency of assessments

Tools & Certifications:
  • Proficiency with Microsoft Office tools.
  • Relevant certifications such as CISSP, CISA, CSA, CISM, Security+, GIAC, CEH, or similar are strongly desired.

Education
Bachelor's degree in information security, Computer Science, Information Technology, or a related field required. An equivalent of relevant work experience will also be considered.
The hiring range for this position is $106,000- $152,000. The final salary offer will vary based on geographic location, individual education, skills, and experience. The position is eligible to participate in FM's comprehensive Total Rewards program that includes an incentive plan, medical, dental and vision insurance, life and disability insurance, well-being programs, a 401(k) and pension plan, career development opportunities, tuition reimbursement, flexible work, and time off, including vacation and sick time.
FM is an Equal Opportunity Employer and is committed to attracting, developing, and retaining a diverse workforce.
#LI-NL1
#FMG

FM logo

About FM

Sourced by ZipRecruiter

Industry

Plastics product manufacturing

Company size

51 - 200 Employees

Headquarters location

Rogers, AR, US

Year founded

1980

Social media