1

Contract Third Party Risk Analyst Jobs (NOW HIRING)

Senior Cybersecurity Third-Party Risk Analyst

Tempe, AZ · Remote

$95K - $123K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Everett, WA · Remote

$110K - $142K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Mesa, AZ · Remote

$99K - $128K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Seattle, WA · Remote

$113K - $146K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Denver, CO · Remote

$102K - $132K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality assurance functions and execute Third Party Vendor Assessment reviews. This will include managing relationships ...

Description As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality assurance functions and execute Third Party Vendor Assessment reviews. This will include managing ...

As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality assurance functions and execute Third Party Vendor Assessment reviews. This will include managing relationships ...

Senior Cybersecurity Third-Party Risk Analyst

Chicago, IL · Remote

$103K - $132K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Support the review of third-party agreements by providing standard contract requirements informed ... Strong attention to detail with the ability to analyze information, identify issues, and document ...

next page

Showing results 1-20

Contract Third Party Risk Analyst information

See salary details

$15

$40

$65

How much do contract third party risk analyst jobs pay per hour?

As of Jul 8, 2026, the average hourly pay for contract third party risk analyst in the United States is $40.49, according to ZipRecruiter salary data. Most workers in this role earn between $29.81 and $49.28 per hour, depending on experience, location, and employer.

Is a grc analyst a good entry-level job?

A Contract Third Party Risk Analyst is often considered an entry-level role in risk management and compliance, suitable for individuals with foundational knowledge of governance, risk, and compliance (GRC) tools. It typically requires strong analytical skills, attention to detail, and familiarity with regulations like GDPR or HIPAA, making it accessible for those starting their careers in cybersecurity or risk analysis.

What are the key skills and qualifications needed to thrive as a Contract Third Party Risk Analyst, and why are they important?

To thrive as a Contract Third Party Risk Analyst, you need a solid understanding of risk management, vendor assessment processes, and relevant regulatory frameworks, often supported by a degree in business, finance, or a related field. Familiarity with risk assessment tools, contract management systems, and certifications such as CTPRA (Certified Third Party Risk Assessor) is highly valuable. Strong analytical skills, attention to detail, and effective communication enable you to identify risks and work collaboratively with stakeholders. These skills ensure organizations can mitigate vendor-related risks and maintain compliance in an increasingly complex regulatory environment.

Is TPRm a good career?

A Contract Third Party Risk Analyst role involves assessing and managing risks associated with third-party vendors, often requiring knowledge of compliance standards and risk management tools. It can be a stable career path with opportunities for advancement in risk management and compliance fields, especially in industries like finance and technology.

What is the difference between Contract Third Party Risk Analyst vs Vendor Risk Analyst?

AspectContract Third Party Risk AnalystVendor Risk Analyst
CertificationsCertifications like CTPRP, CRISC often preferredSimilar certifications, often including CTPRP or CRISC
Work EnvironmentTypically in finance, healthcare, or corporate sectors managing third-party risksSimilar industries, focusing on vendor assessments and risk mitigation
Employer UsageUsed by organizations managing contractual third-party relationshipsCommonly employed by companies evaluating vendor and supplier risks

The Contract Third Party Risk Analyst and Vendor Risk Analyst roles share many similarities, including required certifications and work environments. Both focus on assessing and mitigating risks associated with external entities, but the Contract Third Party Risk Analyst often emphasizes contractual obligations, while the Vendor Risk Analyst concentrates on evaluating vendor performance and compliance.

What is the salary of TPRM consultant?

The salary of a Contract Third Party Risk Analyst or TPRM consultant typically ranges from $70,000 to $120,000 annually, depending on experience, location, and industry. Professionals with certifications like CTPRP or experience with risk management tools may command higher compensation.

What are common challenges faced by Contract Third Party Risk Analysts when evaluating new vendors?

Contract Third Party Risk Analysts often encounter challenges such as incomplete or inconsistent documentation from vendors, rapidly changing regulatory requirements, and time constraints for onboarding. They must balance thorough due diligence with business needs for efficiency, often working closely with procurement, legal, and IT security teams. Building strong communication skills and developing robust assessment templates can help analysts efficiently identify and mitigate potential risks while maintaining positive vendor relationships.

What is a Contract Third Party Risk Analyst?

A Contract Third Party Risk Analyst is a professional who evaluates and manages the risks associated with an organization's external vendors, suppliers, or partners. Their main role is to assess the security, compliance, and operational risks that third parties might pose, especially when handling sensitive data or critical business functions. They often review contracts, conduct risk assessments, and ensure that third parties comply with relevant regulations and internal policies. This helps organizations reduce potential financial, reputational, or legal impacts from working with external entities.

How much does a third party risk analyst make?

A contract third party risk analyst typically earns between $60,000 and $100,000 annually, depending on experience, location, and industry. They often require knowledge of risk assessment tools and compliance standards to perform their duties effectively.
More about Contract Third Party Risk Analyst jobs
What cities are hiring for Contract Third Party Risk Analyst jobs? Cities with the most Contract Third Party Risk Analyst job openings:
What are the most commonly searched types of Third Party Risk Analyst jobs? The most popular types of Third Party Risk Analyst jobs are:
What states have the most Contract Third Party Risk Analyst jobs? States with the most job openings for Contract Third Party Risk Analyst jobs include:
Senior Cybersecurity Third-Party Risk Analyst

Senior Cybersecurity Third-Party Risk Analyst

Boeing

Tempe, AZ • Remote

$95K - $123K/yr

Full-time

Medical, Life, Retirement

Posted 12 hours ago

Posted today


Boeing rating

8.5

Company rating: 8.5 out of 10

Based on 599 frontline employees who took The Breakroom Quiz

36th of 529 rated manufacturers


Job description

Senior Cybersecurity Third-Party Risk Analyst

Company:

The Boeing Company

We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments of third-party cyber risk and to design automation and process improvements using configuration, integration, and agentic AI capabilities. This senior individual contributor will focus on developing hands-on assessment processes to evaluate vendor controls, validate technical evidence, and drive remediation recommendations - while also building robust automation and configuration assets (scripts, connectors, playbooks, and AI agents) to scale assessment throughput, improve data quality, and accelerate risk decisions. A strong emphasis on lean process enhancement will ensure the program delivers higher velocity, lower waste, and measurable improvements in assessment quality and cycle time.

Though the position is primarily remote, there will be times to go into a Boeing facility. Candidates must live near a Boeing Facility or be willing to relocate at their own expense.

This position requires candidates to be a US Person (Green Card holder or US Citizen)

Key Responsibilities

  • Design & Execute end-to-end cybersecurity third-party assessments for strategic and high-risk vendors, including questionnaire reviews, technical evidence validation, architecture reviews, cloud configuration analysis, IAM assessments, encryption and key management reviews, logging/monitoring validation, and vulnerability/penetration test interpretation.

  • Produce repeatable processes that create clear, prioritized risk findings and remediation guidance tailored to vendor risk and business impact

  • Design, build, and maintain automated assessment capabilities: evidence collection scripts, API connectors, ETL pipelines, data validation routines, and integration points with TPRM/GRC platforms (Aravo, ServiceNow GRC, RSA Archer, OneTrust, etc.).

  • Develop and deploy agentic AI components (e.g., automated evidence triage, document ingestion and extraction, risk-scoring assistants, remediation suggestion agents) while ensuring safe, auditable, and privacy-preserving behavior.

  • Lead lean process improvement initiatives across the assessment lifecycle: map value streams, eliminate waste, reduce handoffs, optimize SLAs, and implement continuous improvement cycles to increase throughput and quality.

  • Create and maintain technical assessment artifacts: standardized templates, evidence matrices, technical checklists, assessment playbooks, and scoring rubrics that support repeatability and auditability.

  • Validate and tune automated scoring models and AI outputs; perform periodic calibration and manual reviews to ensure accuracy and reduce false positives/negatives.

  • Collaborate closely with Procurement, Legal, Security Operations/CIRT, Privacy, and other business stakeholders to ensure technical assessment findings map to contractual requirements and incident response expectations.

  • Support remediation verification and re-assessment - use automation to track evidence submission, validate fixes, and update risk status.

  • Maintain strong documentation & processes to support change management of automation logic, AI agent behaviors, data mappings, integration schemas

  • Stay current on emerging attack techniques, supply chain threats, automation best practices, responsible AI controls, and lean methods; propose and implement improvements.

Basic/Required Qualifications

  • 5+ years of cybersecurity experience with at least 3 years focused on third-party/vendor security assessments or equivalent technical assessment roles.

  • Deep hands-on expertise reviewing technical artifacts: cloud console evidence (AWS/Azure/GCP), architecture diagrams, IAM configurations, network security, encryption, logging/monitoring, vulnerability scans, and penetration test reports.

  • Proven ability to translate technical findings into concise executive-level summaries and remediation plans; excellent written and verbal communication skills.

  • Demonstrated experience applying lean principles or continuous improvement methods to operational processes - ability to run value stream mapping, define and measure waste, and implement sustainable improvements.

  • Comfortable working independently as a senior individual contributor and coordinating across technical and non-technical stakeholders; experience in agile environments and using agile tooling (ADO, JIRA).

Preferred Qualifications

  • Bachelor's degree in Computer Science, Information Security, Engineering, or related technical field; advanced degree (MS or equivalent) preferred.

  • Industry recognized security certifications (CISSP, CISM, CRISC) and/or cloud security certifications (AWS/Azure/GCP Security) preferred.

  • Strong configuration skills for security/TPRM tooling (Aravo, ServiceNow GRC, RSA Archer, OneTrust, or similar) including forms, workflows, scoring, and data model configuration.

  • Formal training or certification in Lean/Six Sigma, Kaizen, or similar continuous improvement methodologies.

  • Practical experience designing, training, or integrating agentic AI components (LLM orchestration, retrieval-augmented generation, agent frameworks) into security processes - able to implement guardrails, audit logging, and privacy controls.

  • Prior experience implementing AI governance for security use cases

  • Familiarity with software supply chain risk concepts (SBOMs)

  • Experience with SIEM/SOAR integrations, vulnerability management platforms, and continuous monitoring

  • Experience working in regulated industries (finance, aviation, healthcare, defense) or with global privacy/regulatory requirements (GDPR, CMMC, etc...).

Typical Education/Experience:

  • Education/experience typically acquired through advanced education (e.g. Associate) and typically 2 or more years' related work experience or an equivalent combination of education and experience (e.g. Bachelor+1 years' related work experience, 5 years' related work experience, etc.).

Relocation:

Relocation assistance is not a negotiable benefit for this position. Candidates must live in the immediate area of a Boeing facility or relocate at their own expense.

Drug Free Workplace:

Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria are met as outlined in our policies.

Pay & Benefits:

At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.

The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and several programs that provide for both paid and unpaid time away from work.

The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Pay is based upon candidate experience and qualifications, as well as market and business considerations.

Pay Range is dependent on geographical location and experience:

Senior - $128,700 - $181,500

Language Requirements:

Not Applicable

Education:

Not Applicable

Relocation:

Relocation assistance is not a negotiable benefit for this position.

Export Control Requirement:

This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. 120.62 is required. "U.S. Person" includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.

Safety Sensitive:

This is not a Safety Sensitive Position.

Security Clearance:

This position does not require a Security Clearance.

Visa Sponsorship:

Employer will not sponsor applicants for employment visa status.

Contingent Upon Award Program

This position is not contingent upon program award

Shift:

Shift 1 (United States of America)

Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning

Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

EEO is the law

Boeing EEO Policy

Request an Accommodation

Applicant Privacy


Boeing Participates in E - Verify

  • E-Verify (English)
  • E-Verify (Spanish)

Right to Work Statement

  • Right to Work(English)
  • Right to Work(Spanish)

What Boeing employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom