GRC Third Party Risk Analyst Jobs (NOW HIRING)

As a Senior Third Party Risk Analyst, you'll play a critical role in ensuring the security ... Prior experience with TPRM / GRC platforms, including tools such as Vanta, Archer, or ServiceNow.

GRC Third Party Risk Analyst information

Salary chart values: $44.5K, $86.7K, $124.5K

How much do GRC Third Party Risk Analyst jobs pay per year?

As of May 31, 2026, the average yearly pay for a GRC Third Party Risk Analyst in the United States is $86,688.00, according to ZipRecruiter salary data. Most workers in this role earn between $56,500.00 and $100,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a GRC Third Party Risk Analyst, and why are they important?

To thrive as a GRC Third Party Risk Analyst, you need a strong understanding of risk management frameworks, compliance regulations, and vendor risk assessment methodologies, typically supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (like Archer or ServiceNow), third-party risk management tools, and certifications such as CISA or CRISC is highly beneficial. Strong analytical thinking, attention to detail, and effective communication skills are essential soft skills for this role. These competencies ensure that organizations can accurately assess and mitigate third-party risks, maintaining compliance and protecting sensitive data.

What are some typical challenges a GRC Third Party Risk Analyst may encounter when assessing vendors?

As a GRC Third Party Risk Analyst, you may face challenges such as obtaining timely and complete responses from vendors, especially when dealing with large or international organizations. Navigating varying levels of vendor maturity in risk management practices can also be difficult. Additionally, balancing the need for thorough risk assessments with fast-paced business timelines requires strong communication and prioritization skills. Collaborating closely with procurement, legal, and IT teams is essential to ensure all risks are properly identified and managed.

What is a GRC Third Party Risk Analyst?

A GRC Third Party Risk Analyst is a professional who assesses and manages the risks associated with an organization’s external vendors, suppliers, or partners. Their role involves evaluating third-party compliance with regulatory standards and internal policies, identifying potential risks such as data breaches or non-compliance, and recommending mitigation strategies. They use frameworks like GRC (Governance, Risk, and Compliance) to help ensure that third-party relationships do not compromise the organization's security or reputation. This role often collaborates with procurement, legal, and IT teams to maintain robust risk management processes.

What is the difference between GRC Third Party Risk Analyst vs GRC Vendor Risk Analyst?

| Aspect | GRC Third Party Risk Analyst | GRC Vendor Risk Analyst |
| --- | --- | --- |
| Certifications | Certifications like CRISC, CISA often preferred | Same certifications commonly required |
| Work Environment | Focuses on third-party relationships and risk assessments | Primarily evaluates vendor-specific risks and compliance |
| Industry Usage | Used across finance, healthcare, and tech sectors | Commonly found in industries with extensive vendor networks |

The GRC Third Party Risk Analyst and GRC Vendor Risk Analyst roles overlap significantly in certifications and work environment. The main difference lies in scope: the Third Party Risk Analyst assesses overall third-party relationships, while the Vendor Risk Analyst concentrates specifically on individual vendors. Both roles are vital for managing third-party risks in various industries.

Infographic showing various GRC Third Party Risk Analyst job openings in the United States as of May 2026, with employment types broken down into 100% Full Time. Highlights a 100% In-person job distribution, with an average salary of $86,688 per year, or $41.7 per hour.

Third Party Governance, Risk and Compliance (GRC) Analyst

Veracity

Los Angeles, CA • Hybrid

Full-time

Posted 12 days ago


Job description

Third Party Governance, Risk and Compliance (GRC) Analyst
Los Angeles, California - Hybrid - 3 Days Onsite
Full Time
The Analyst will be a key player in overseeing third-party vendor risk, ensuring regulatory compliance, and supporting enterprise GRC initiatives. The ideal candidate brings hands-on experience with GRC processes, strong familiarity with risk frameworks, and an aptitude for cross-functional collaboration.
Key Responsibilities:
  • Manage the full Third Party Risk Management (TPRM) lifecycle from vendor onboarding to offboarding
  • Perform initial and ongoing risk assessments of third-party vendors, focusing on data privacy and cybersecurity
  • Request, analyze, and track vendor due diligence documentation (e.g., SOC reports, SIG questionnaires, security policies)
  • Evaluate third-party security controls in line with the firm's risk management framework
  • Collaborate with Procurement and Legal teams to support contract and compliance reviews
  • Coordinate with vendors and internal stakeholders on remediation plans and tracking risk mitigation
  • Assist with client compliance requests, including questionnaires and assessments
  • Maintain and report on key risk metrics, supporting periodic reviews and audits
  • Contribute to the automation and optimization of GRC workflows and tools
  • Stay updated on industry regulations (e.g., GDPR, CCPA) and best practices (e.g., NIST, ISO)
  • Provide training and guidance to business units on GRC processes and vendor compliance expectations
  • Participate in GRC program improvement initiatives and ad hoc security projects
Required Skills & Qualifications:
  • Minimum 3 years of experience in Third Party Risk Management, GRC, or a related security/governance field
  • Proven track record in highly regulated environments such as finance, legal, or consulting (Big 4 experience is a plus)
  • Strong understanding of GRC domains: compliance, enterprise risk, vendor resilience
  • Familiarity with security and privacy frameworks such as NIST CSF, ISO 27001, GDPR, CCPA
  • Highly organized with strong attention to detail and the ability to manage multiple priorities independently
  • Excellent written and verbal communication skills with experience engaging cross-functional stakeholders
  • Proficient in tools like Excel, Confluence, and common risk assessment platforms
Preferred Certifications (Nice to Have):
  • CTPRP, CRISC, CISA, CISM, or similar industry certifications