ZipRecruiter

Log In

1

Grc Third Party Risk Analyst Jobs in Reston, VA (NOW HIRING)

Peraton

Cyber Risk Analyst

Chantilly, VA

We are seeking a Cyber Risk Analyst to support cybersecurity risk identification, assessment, and ... Experience using GRC tools or risk tracking platforms. * Familiarity with NextGen FAA modernization ...

New

Peraton

Cyber Risk Analyst

Chantilly, VA · On-site

$86K - $138K/yr

We are seeking a Cyber Risk Analyst to support cybersecurity risk identification, assessment, and ... Experience using GRC tools or risk tracking platforms. * Familiarity with NextGen FAA modernization ...

New

Peraton

Cyber Risk Analyst

Chantilly, VA · On-site

We are seeking a Cyber Risk Analyst to support cybersecurity risk identification, assessment, and ... Experience using GRC tools or risk tracking platforms. * Familiarity with NextGen FAA modernization ...

New

next page

Showing results 1-20

All JobsGrc Third Party Risk Analyst JobsGrc Third Party Risk Analyst Jobs in Reston, VA

Grc Third Party Risk Analyst information

See Reston, VA salary details

$46.3K

$90.2K

$129.5K

How much do grc third party risk analyst jobs pay per year?

As of Jun 17, 2026, the average yearly pay for grc third party risk analyst in Reston, VA is $90,186.00, according to ZipRecruiter salary data. Most workers in this role earn between $58,800.00 and $104,000.00 per year, depending on experience, location, and employer.

What are some typical challenges a GRC Third Party Risk Analyst may encounter when assessing vendors?

As a GRC Third Party Risk Analyst, you may face challenges such as obtaining timely and complete responses from vendors, especially when dealing with large or international organizations. Navigating varying levels of vendor maturity in risk management practices can also be difficult. Additionally, balancing the need for thorough risk assessments with fast-paced business timelines requires strong communication and prioritization skills. Collaborating closely with procurement, legal, and IT teams is essential to ensure all risks are properly identified and managed.

What are the key skills and qualifications needed to thrive as a GRC Third Party Risk Analyst, and why are they important?

To thrive as a GRC Third Party Risk Analyst, you need a strong understanding of risk management frameworks, compliance regulations, and vendor risk assessment methodologies, typically supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (like Archer or ServiceNow), third-party risk management tools, and certifications such as CISA or CRISC is highly beneficial. Strong analytical thinking, attention to detail, and effective communication skills are essential soft skills for this role. These competencies ensure that organizations can accurately assess and mitigate third-party risks, maintaining compliance and protecting sensitive data.

What is a GRC Third Party Risk Analyst?

A GRC Third Party Risk Analyst is a professional who assesses and manages the risks associated with an organization’s external vendors, suppliers, or partners. Their role involves evaluating third-party compliance with regulatory standards and internal policies, identifying potential risks such as data breaches or non-compliance, and recommending mitigation strategies. They use frameworks like GRC (Governance, Risk, and Compliance) to help ensure that third-party relationships do not compromise the organization's security or reputation. This role often collaborates with procurement, legal, and IT teams to maintain robust risk management processes.

What is the difference between Grc Third Party Risk Analyst vs Grc Vendor Risk Analyst?

AspectGrc Third Party Risk AnalystGrc Vendor Risk Analyst
CertificationsCertifications like CRISC, CISA often preferredSame certifications commonly required
Work EnvironmentFocuses on third-party relationships and risk assessmentsPrimarily evaluates vendor-specific risks and compliance
Industry UsageUsed across finance, healthcare, and tech sectorsCommonly found in industries with extensive vendor networks

The Grc Third Party Risk Analyst and Grc Vendor Risk Analyst roles overlap significantly in certifications and work environment. The main difference lies in scope: the Third Party Risk Analyst assesses overall third-party relationships, while the Vendor Risk Analyst concentrates specifically on individual vendors. Both roles are vital for managing third-party risks in various industries.

What are popular job titles related to Grc Third Party Risk Analyst jobs in Reston, VA? For Grc Third Party Risk Analyst jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Grc Third Party Risk Analyst jobs in Reston, VA look for? The top searched job categories for Grc Third Party Risk Analyst jobs in Reston, VA are:
What cities near Reston, VA are hiring for Grc Third Party Risk Analyst jobs? Cities near Reston, VA with the most Grc Third Party Risk Analyst job openings:
Grc Third Party Risk Analyst jobs near you

Senior Director, Supply Chain Governance & Risk Management

Amentum

Chantilly, VA • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 18 days ago

Job description

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Our people apply undaunted curiosity, relentless ambition and boundless imagination to challenge convention and drive progress. Our commitments are underpinned by the belief that safety, collaboration and well-being are integral to success. Headquartered in Chantilly, Virginia, we have approximately 50,000 employees in more than 70 countries across all 7 continents.
The Senior Director, Supply Chain Governance & Risk Management is responsible for establishing and leading the enterprise-wide framework for supply chain governance, Third-Party risk management and supply chain resiliency program, small business program, procurement compliance, Supplier Onboarding and the Supplier Performance program. This role ensures alignment with regulatory requirements, contractual obligations, leveraging best commercial practices and corporate risk tolerance while enabling resilient, ethical, and high-performing supplier ecosystems across global operations. This leader partners closely with executive leadership, program teams, legal, contracts, subcontracts, compliance, cybersecurity, and finance to proactively manage supply chain risk in support of mission-critical government contracts. This position is Hybrid to the Fort Worth, TX or Chantilly, VA Amentum office. US Citizenship is required.
Key Responsibilities:
Strategy & Governance
  • Design and implement an enterprise supply chain governance framework aligned to corporate strategy and risk appetite
  • Maintains all (policies, procedures, instructions) for supply chain
  • Oversight of approved business systems (Purchasing Systems)
  • Lead governance forums and training to the larger supply chain organization as appropriate
  • Ensure alignment with public company requirements (e.g., SOX controls, disclosures, ESG considerations

Supply Chain Risk Management & Compliance
  • Design and manage a comprehensive supplier risk program, including:
    • Third-party risk assessments (financial, operational, geopolitical, cyber)
    • Continuous monitoring and risk scoring
    • Mitigation planning and escalation protocols
  • Ensure compliance with regulatory requirements (e.g., FAR/DFARS)
  • Oversee adherence to cybersecurity standards (e.g., NIST, CMMC as applicable) in the supply base
  • Partner with Legal/Compliance on ethics, anti-corruption, and export control (ITAR/EAR) requirements
  • Support Accounting System Audits and Treasury insurance requirements and investigations

Operational Resilience
  • Lead enterprise efforts related to supply chain continuity and disruption management
  • Develop and test business continuity and contingency plans for critical suppliers
  • Monitor global risk factors (geopolitical, economic, environmental) impacting supply continuity
  • Drive scenario planning and stress testing for mission-critical programs

Supplier Oversight & Performance
  • Establish supplier segmentation and management of small business program for work performed under US Government contracts and similar programs for other governments.
  • Implement governance for supplier performance, audits, and corrective actions
  • Lead high-risk supplier reviews and executive-level supplier engagements
  • Enable responsible sourcing and supplier initiatives

Data, Reporting & Insights
  • Develop KPIs/KRIs and dashboards to provide real-time visibility into supply chain risk posture
  • Deliver executive-level reporting and insights to inform decision-making
  • Leverage advanced analytics and digital tools to enhance risk detection and response

Leadership & Cross-Functional Influence
  • Build and lead a high-performing, global team
  • Influence across matrixed stakeholders including Procurement, Operations, Legal, Contracts, Subcontracts, IT, Security, Finance, and Program Leadership
  • Serve as a trusted advisor to executive leadership on supply chain and procurement risk

Knowledge, Skills and Abilities:
  • Strategic thinking and enterprise mindset
  • Risk-based decision making
  • Executive presence and communication
  • Cross-functional leadership and influence
  • Crisis management and resilience planning

Minimum Qualifications:
  • Bachelor's degree and typically 18+ years experience or Master's degree and typically 15+ years experience in supply chain, supply chain risk management, procurement governance, small business management, with 5 years leadership/supervisory experience. Two (2) years of experience in procurement or related field may be substituted for each year of the four (4) years of college
  • Substantial expertise in government procurement (FAR/DFARS), Small Business Reporting and Government audits (CPSR, Small Business Program Reviews (SPRC), SIGAR, etc.)
  • Demonstrated experience building enterprise risk or governance frameworks
  • Strong knowledge of third-party risk management, supplier risk, and operational resilience
  • Experience in a publicly traded company environment (SOX, audit, disclosure considerations)
  • US Citizenship is required to apply.

Preferred Qualifications:
  • Experience with CPSR, Small Business reporting and Audits
  • Knowledge of CMMC, NIST, or supply chain cybersecurity frameworks
  • Familiarity with ESG, responsible sourcing, and global regulatory environments
  • Advanced degree (MBA)
  • Relevant certifications (e.g., CISM, CRISC, CPSM, CSCP)

Compensation Details:
Budget 190 - 205K +/- 10% depending on experience
The compensation range or hourly rate listed for this position is provided as a good-faith estimate of what the company intends to offer for this role at the time this posting was issued. Actual compensation may vary based on factors such as job responsibilities, education, experience, skills, internal equity, market data, applicable collective bargaining agreements, and relevant laws.
Benefits Overview:
Our health and welfare benefits are designed to support you and your priorities. Offerings include:
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance

Note: Benefits may vary based on employment type, location, and applicable agreements. Positions governed by a Collective Bargaining Agreement (CBA), the McNamara-O'Hara Service Contract Act (SCA), or other employment contracts may include different provisions/benefits.
Original Posting:
Amentum anticipates this job requisition will remain open for at least three days, with a closing date no earlier than three days after the original posting. This timeline may change based on business needs.
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.

Apply