1

Grc Third Party Risk Analyst Jobs in Raleigh, NC

Overview The Sr. Analyst, Governance, Risk, and Compliance (GRC) plays an important role in the GRC ... Contribute subject matter expertise through third party risk assessment process * Identify and ...

As a Security Analyst at Lucid Software, you will protect our corporate assets,world-class web ... third-party risk assessments, customer trust, and support GRC (Governance, Risk, and Compliance ...

As a Security Analyst at Lucid Software, you will protect our corporate assets,world-class web ... third-party risk assessments, customer trust, and support GRC (Governance, Risk, and Compliance ...

Third-Party Risk Management: * Support vendor due diligence activities, including document ... Experience using AI-assisted tools to support data analysis, documentation preparation, etc. in a ...

Third-Party Risk Management: * Support vendor due diligence activities, including document ... Experience using AI-assisted tools to support data analysis, documentation preparation, etc. in a ...

Third-Party Risk Management: * Support vendor due diligence activities, including document ... Experience using AI-assisted tools to support data analysis, documentation preparation, etc. in a ...

Third-Party Risk Management: * Support vendor due diligence activities, including document ... Experience using AI-assisted tools to support data analysis, documentation preparation, etc. in a ...

next page

Showing results 1-20

Grc Third Party Risk Analyst information

See Raleigh, NC salary details

$43.3K

$84.3K

$121K

How much do grc third party risk analyst jobs pay per year?

As of Jul 15, 2026, the average yearly pay for grc third party risk analyst in Raleigh, NC is $84,268.00, according to ZipRecruiter salary data. Most workers in this role earn between $54,900.00 and $97,200.00 per year, depending on experience, location, and employer.

What are some typical challenges a GRC Third Party Risk Analyst may encounter when assessing vendors?

As a GRC Third Party Risk Analyst, you may face challenges such as obtaining timely and complete responses from vendors, especially when dealing with large or international organizations. Navigating varying levels of vendor maturity in risk management practices can also be difficult. Additionally, balancing the need for thorough risk assessments with fast-paced business timelines requires strong communication and prioritization skills. Collaborating closely with procurement, legal, and IT teams is essential to ensure all risks are properly identified and managed.

What are the key skills and qualifications needed to thrive as a GRC Third Party Risk Analyst, and why are they important?

To thrive as a GRC Third Party Risk Analyst, you need a strong understanding of risk management frameworks, compliance regulations, and vendor risk assessment methodologies, typically supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (like Archer or ServiceNow), third-party risk management tools, and certifications such as CISA or CRISC is highly beneficial. Strong analytical thinking, attention to detail, and effective communication skills are essential soft skills for this role. These competencies ensure that organizations can accurately assess and mitigate third-party risks, maintaining compliance and protecting sensitive data.

What is a GRC Third Party Risk Analyst?

A GRC Third Party Risk Analyst is a professional who assesses and manages the risks associated with an organization’s external vendors, suppliers, or partners. Their role involves evaluating third-party compliance with regulatory standards and internal policies, identifying potential risks such as data breaches or non-compliance, and recommending mitigation strategies. They use frameworks like GRC (Governance, Risk, and Compliance) to help ensure that third-party relationships do not compromise the organization's security or reputation. This role often collaborates with procurement, legal, and IT teams to maintain robust risk management processes.

What is the difference between Grc Third Party Risk Analyst vs Grc Vendor Risk Analyst?

AspectGrc Third Party Risk AnalystGrc Vendor Risk Analyst
CertificationsCertifications like CRISC, CISA often preferredSame certifications commonly required
Work EnvironmentFocuses on third-party relationships and risk assessmentsPrimarily evaluates vendor-specific risks and compliance
Industry UsageUsed across finance, healthcare, and tech sectorsCommonly found in industries with extensive vendor networks

The Grc Third Party Risk Analyst and Grc Vendor Risk Analyst roles overlap significantly in certifications and work environment. The main difference lies in scope: the Third Party Risk Analyst assesses overall third-party relationships, while the Vendor Risk Analyst concentrates specifically on individual vendors. Both roles are vital for managing third-party risks in various industries.

What are popular job titles related to Grc Third Party Risk Analyst jobs in Raleigh, NC? For Grc Third Party Risk Analyst jobs in Raleigh, NC, the most frequently searched job titles are:
What job categories do people searching Grc Third Party Risk Analyst jobs in Raleigh, NC look for? The top searched job categories for Grc Third Party Risk Analyst jobs in Raleigh, NC are:
What cities near Raleigh, NC are hiring for Grc Third Party Risk Analyst jobs? Cities near Raleigh, NC with the most Grc Third Party Risk Analyst job openings:

Third Party Risk Management Analyst II

NC SECU

Raleigh, NC • Hybrid

Full-time

Re-posted 24 days ago


Job description

If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!

Position Overview:

The Third-Party Risk Management (TPRM) program provides strategic direction for TPRM governance & oversight, due diligence lifecycle execution, monitoring & reporting, and program management across SECU, in support of the Operational Risk Management framework. The program objective is to support business efforts to engage Third Parties to provide services to the membership.

The Third-Party Risk Management Analyst II helps ensure compliance with SECU's Third-Party Risk Management Program. This includes assisting with due diligence lifecycle execution, monitoring & reporting, and program management on request.

Essential Responsibilities:

  • 60% - Due Diligence Lifecycle Execution. Work closely with assigned business lines to execute third-party risk management lifecycle activities in coordination with key internal stakeholders. Ensure timely analysis of due diligence documentation in consultation with third-party relationship owners, subject matter experts, and external partners. Ensure SECU due diligence requirements and documentation requests are effectively communicated to third parties. Ensure the adequacy of contingency plans for critical third parties, which outline strategies for transitioning away from a critical third-party, if needed.
  • 10% - Monitoring & Reporting. Ensure ongoing monitoring requirements of existing third parties are sufficient to manage risks identified in the planning and due diligence phases. Support management reporting regarding performance issues, identifiable risk, exceptions, and risk mitigation plans
  • 10% - Program Management. Support maintenance of third-party relationship inventory, files, program software, due diligence artifacts, and related documentation. Work with key internal stakeholders (e.g., Project Management, Privacy, Procurement, Compliance, Accounting, Legal Services, IT GRC, etc.) to review the third-party risk management lifecycle and implement changes where needed. Support communications with internal and external auditors during third-party risk management audits and examinations.
  • 15% - TPRM Subject Matter Expertise. Develop and maintain a working knowledge of regulatory requirements and guidance along with industry best practices related to third-party risk management.
  • 5% - TPRM Framework Management Support. Support the development, implementation, refinement and sustainability of SECU's third-party risk management governance framework.

Required Education & Experience (Knowledge, Skills, & Abilities):

  • Associates degree via the North Carolina College Transfer Program (NC-CTP)
  • Third-Party regulatory exposure including NCUA, FFIEC, CFPB, OCC, & FDIC
  • 2 direct years of TPRM program experience
  • Operational Risk Management program execution experience working across organization levels.

Preferred Education & Experience (Knowledge, Skills, & Abilities):

  • Four-year degree
  • CCUE Certification
  • 5+ years direct years of TPRM program experience
  • Demonstrated ability to work independently
  • Credit Union risk management experience

Job Environment & Physical Requirements:

  • The position has a Hybrid schedule with at least 2 days / week in the Salisbury Street or Creedmoor Road offices

SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.

Disclaimer

State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.