Perform New Vendor Risk Assessments and Reassessments. * Serve as backup to the Sr. Risk Analyst. Manage Metrics and Reporting (5%) * Provides weekly and monthly reporting for the Risk Register and ...
Perform New Vendor Risk Assessments and Reassessments. * Serve as backup to the Sr. Risk Analyst. Manage Metrics and Reporting (5%) * Provides weekly and monthly reporting for the Risk Register and ...
This role ensures vendor risk activities--including due diligence, ongoing monitoring ... Strong analytical skills with the ability to assess risk data, identify trends, and support ...
Quick apply
This role ensures vendor risk activities--including due diligence, ongoing monitoring ... Strong analytical skills with the ability to assess risk data, identify trends, and support ...
Senior Cybersecurity Risk Analyst - USA Remote
Washington, DC · On-site +1
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk ... Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake ...
Senior Cybersecurity Risk Analyst - USA Remote
Washington, DC · On-site +1
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk ... Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake ...
Senior Cybersecurity Risk Analyst - USA Remote
Washington, DC · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk ... Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake ...
Senior Cybersecurity Risk Analyst - USA Remote
Washington, DC · Remote
$130K - $160K/yr
The Senior Cybersecurity Risk Analyst is responsible for executing third-party and supplier risk ... Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Vienna, VA · Remote
Risk Analyst Location: Vienna, VA - 3 days onsite, 2 days remote Type: Contract Compensation: W-2 negotiable Work Model: Hybrid - onsite and remote Hours: 40 hrs a week Security Clearance: Full ...
Risk Analyst
Washington, DC · On-site +1
Estimate and validate loan-level logistic regression and survival analysis models to analyze the credit risk associated with multifamily residential, nursing home, and hospital loans. * Develop ...
Risk Analyst
Washington, DC · On-site +1
Estimate and validate loan-level logistic regression and survival analysis models to analyze the credit risk associated with multifamily residential, nursing home, and hospital loans. * Develop ...
Sr. Technical Risk Analyst (Vendor Relationship Manager)
Vienna, VA · Hybrid
$124K - $134K/yr
BRMi is seeking a Sr. Technical Risk Analyst (Vendor Relationship Manager) to support a large financial enterprise in Vienna VA. The Security Vendor Management (SVM) team provides support to business ...
Sr. Technical Risk Analyst (Vendor Relationship Manager)
Vienna, VA · Hybrid
$124K - $134K/yr
BRMi is seeking a Sr. Technical Risk Analyst (Vendor Relationship Manager) to support a large financial enterprise in Vienna VA. The Security Vendor Management (SVM) team provides support to business ...
Sr. Technical Risk Analyst (Vendor Relationship Manager)
Vienna, VA · On-site
$124K - $134K/yr
Overview BRMi is seeking a Sr. Technical Risk Analyst (Vendor Relationship Manager) to support a large financial enterprise in Vienna VA. The Security Vendor Management (SVM) team provides support to ...
Sr. Technical Risk Analyst (Vendor Relationship Manager)
Vienna, VA · On-site
$124K - $134K/yr
Overview BRMi is seeking a Sr. Technical Risk Analyst (Vendor Relationship Manager) to support a large financial enterprise in Vienna VA. The Security Vendor Management (SVM) team provides support to ...
Sr. Technical Risk Analyst (Vendor Relationship Manager)
Vienna, VA · Hybrid
$124K - $134K/yr
Overview BRMi is seeking a Sr. Technical Risk Analyst (Vendor Relationship Manager) to support a large financial enterprise in Vienna VA. The Security Vendor Management (SVM) team provides support to ...
Sr. Technical Risk Analyst (Vendor Relationship Manager)
Vienna, VA · Hybrid
$124K - $134K/yr
Overview BRMi is seeking a Sr. Technical Risk Analyst (Vendor Relationship Manager) to support a large financial enterprise in Vienna VA. The Security Vendor Management (SVM) team provides support to ...
We seek Governance & Risk Analyst | Human Capital Programmatic Evaluation & Compliance - Policy & Governance Support [NSF0102102] candidates with relevant Government And Public Services Sector ...
We seek Governance & Risk Analyst | Human Capital Programmatic Evaluation & Compliance - Policy & Governance Support [NSF0102102] candidates with relevant Government And Public Services Sector ...
Cyber Solutions Architect (Hybrid)
Arlington, VA · On-site
$90/hr
This role translates executive intent, policy direction, and vendor risk analysis into scalable ... Hourly rate is based on a range of factors that include relevant experience, knowledge, skills, and ...
Cyber Solutions Architect (Hybrid)
Arlington, VA · On-site
$90/hr
This role translates executive intent, policy direction, and vendor risk analysis into scalable ... Hourly rate is based on a range of factors that include relevant experience, knowledge, skills, and ...
Third Party Risk Analyst
Reston, VA · On-site
Conduct comprehensive risk assessments of new and existing vendors, focusing on financial health ... Strong analytical skills with the ability to identify and resolve complex issues. * Excellent ...
Third Party Risk Analyst
Reston, VA · On-site
Conduct comprehensive risk assessments of new and existing vendors, focusing on financial health ... Strong analytical skills with the ability to identify and resolve complex issues. * Excellent ...
Energy Infrastructure Risk Analyst
Washington, DC · On-site +1
ProSidian Seeks a Energy Infrastructure Risk Analyst | Project Finance & Credit Evaluation Support [DOE0063063] for Program Support on a Exempt 1099 Contract: No Overtime Pay Basis Remote (within USA ...
Quick apply
Energy Infrastructure Risk Analyst
Washington, DC · On-site +1
ProSidian Seeks a Energy Infrastructure Risk Analyst | Project Finance & Credit Evaluation Support [DOE0063063] for Program Support on a Exempt 1099 Contract: No Overtime Pay Basis Remote (within USA ...
The Telecommunications Risk Analyst will coordinate with internal DoD stakeholders and DOJ/DHS ... hourly rate listed for this position is provided as a good-faith estimate of what the company ...
The Telecommunications Risk Analyst will coordinate with internal DoD stakeholders and DOJ/DHS ... hourly rate listed for this position is provided as a good-faith estimate of what the company ...
The Telecommunications Risk Analyst will coordinate with internal DoD stakeholders and DOJ/DHS ... hourly rate listed for this position is provided as a good-faith estimate of what the company ...
The Telecommunications Risk Analyst will coordinate with internal DoD stakeholders and DOJ/DHS ... hourly rate listed for this position is provided as a good-faith estimate of what the company ...
Energy Infrastructure Risk Analyst
Washington, DC · On-site +1
ProSidian Seeks a Energy Infrastructure Risk Analyst | Project Finance & Credit Evaluation Support [DOE0063063] for Program Support on a Exempt 1099 Contract: No Overtime Pay Basis Remote (within USA ...
Energy Infrastructure Risk Analyst
Washington, DC · On-site +1
ProSidian Seeks a Energy Infrastructure Risk Analyst | Project Finance & Credit Evaluation Support [DOE0063063] for Program Support on a Exempt 1099 Contract: No Overtime Pay Basis Remote (within USA ...
Third-Party Risk Analyst
Mclean, VA · On-site
$45 - $47/hr
Third-Party Risk Analyst Location: McLean, VA (5 days - Onsite) Job Overview The Third-Party Risk Analyst will support Enterprise Operationally Critical Third Parties (EOCTP) and Enterprise ...
Quick apply
Third-Party Risk Analyst
Mclean, VA · On-site
$45 - $47/hr
Third-Party Risk Analyst Location: McLean, VA (5 days - Onsite) Job Overview The Third-Party Risk Analyst will support Enterprise Operationally Critical Third Parties (EOCTP) and Enterprise ...
Hourly Vendor Risk Analyst information
See Silver Spring, MD salary details
$15.90 - $20.65
3% of jobs
$20.65 - $25.39
7% of jobs
$25.39 - $30.14
12% of jobs
$31.07 is the 25th percentile. Wages below this are outliers.
$30.14 - $34.88
15% of jobs
$34.88 - $39.63
13% of jobs
The median wage is $39.78 / hr.
$39.63 - $44.37
16% of jobs
$44.37 - $49.11
8% of jobs
$49.71 is the 75th percentile. Wages above this are outliers.
$49.11 - $53.86
11% of jobs
$53.86 - $58.60
6% of jobs
$58.60 - $63.35
6% of jobs
$63.35 - $68.09
3% of jobs
$15
$41
$68
How much do hourly vendor risk analyst jobs pay per hour?
What is the difference between Hourly Vendor Risk Analyst vs Contract Vendor Risk Analyst?
| Aspect | Hourly Vendor Risk Analyst | Contract Vendor Risk Analyst |
|---|---|---|
| Credentials | Relevant certifications (e.g., CRISC, CISA), risk management experience | Same as Hourly Vendor Risk Analyst, often with additional contractual knowledge |
| Work Environment | Typically in financial, healthcare, or corporate settings, part-time or project-based | Similar environments, often on a temporary or project basis |
| Employer Usage | Used by companies needing ongoing risk assessment on an hourly basis | Engaged for specific projects or contractual risk evaluations |
The main difference lies in employment arrangement: Hourly Vendor Risk Analysts work on an hourly basis, often with ongoing responsibilities, while Contract Vendor Risk Analysts are hired for specific projects or timeframes. Both roles require similar skills and certifications, but their engagement types differ.
Other
This job post has expired today. Applications are no longer accepted.
Job description
The Information Security Governance Risk and Compliance (ISGRC) team at the College Board works closely with other teams across the organization to assess and certify the security of College Board's information systems and processes. This dedicated team facilitates information security governance and compliance by assessing College Board's vendors, reviewing and negotiating contractual commitments to information security, planning for disaster response and recovery, testing system strength using industry-recognized frameworks (ISO 27001, PCI-DSS and SOC2) and obtaining related compliance certifications, implementing information security policies, promoting security awareness and training, and testing the acumen of College Board employees through robust and innovative training and phishing campaigns.
As a Security Risk Analyst, you will have the critical role of being responsible for evaluating and managing exceptions to IT security policies, for managing the Organization's Risk and Control Issues Register (Risk Register), and for developing reports and metrics. Your strong technical communication and negotiation skills will help you build relationships and collaborate with diverse stakeholders and reduce risk to the organization and ensure compliance. Under the direction of management, you will manage the Risk Register and perform security policy exceptions to help the College Board understand its critical risks. In this role you will:
- Manage the Risk Register (20%)
- Leads the management of the issues and risks and quickly escalates any untimely completion of audit actions.
- Works independently to communicate risks and works with others to problem-solve risks to tolerance levels based on data and evidence.
- Maintains data quality of Risk Register and executes any required data clean-up exercises.
- Understands College Board work to be able to drive Risk or Control Owners to ensure consistent application of policies and standards.
- Raises awareness about Risk & Control Issues, Policy exceptions, and available risk reduction options.
- Fosters a culture of risk awareness and compliance within the technology department and across the organization.
Manage Policy Exceptions (65%)
- Independently analyzes policy exception submissions and provides risk assessment reports for critical service lines, applications, and infrastructure hosted on-prem and in the cloud.
- Evaluates and manage exceptions to IT security policies.
- Manages materials for the Exception Review Board and presents exception information to executive leadership and senior team members.
- Maintains an up-to-date knowledge and understanding of IT security policies and principles.
- Maintains a customer-focused attitude in all interactions with customers and colleagues.
Support Vendor Risk Management (10%)
- Support the Vendor Risk Management program by understanding policies and procedures.
- Perform New Vendor Risk Assessments and Reassessments.
- Serve as backup to the Sr. Risk Analyst.
Manage Metrics and Reporting (5%)
- Provides weekly and monthly reporting for the Risk Register and policy exceptions.
- Produces trending metrics and escalate exceptions.
- Performs other duties as assigned.
To qualify for this role you must have:
- 5-7 years of experience managing or supporting IT Security Risk and Control Risk Register and processing policy exceptions.
- Strong understanding of risk management techniques such as risk identification, risk scoring, risk mitigation, and risk tracking.
- Proven ability to lead conversations balancing risk and multiple business needs that result in positive outcomes with multiple stakeholders.
- The capacity to assess risk information and make risk recommendations independently.
- Strong organization and prioritization skills and the proven ability to manage multiple tasks simultaneously, both independently and as a member of the team.
- Excellent verbal and written communication skills.
- Experience with governance, risk, and compliance tools (e.g., OneTrust) preferred.
- Experience with information security and privacy frameworks such as ISO 27001, COBIT, NIST-CSF, NIST 800-53, GDPR etc.
- Current Information Security Certification (e.g., CISSP, CRISC, CISM, CISA, or related security certification) preferred or the ability to attain one within 6 months of hire.
- Bachelor's degree in computer science, cybersecurity, engineering, IT management or four years equivalent IT and security industry experience.
- The ability to travel 2-4 times a year to College Board offices or on behalf of College Board business.
All roles at College Board require:
- A passion for expanding educational and career opportunities and mission-driven work
- Curiosity and enthusiasm for emerging technologies, with a willingness to experiment with and adopt new AI-driven solutions and comfort with learning and applying new digital tools independently and proactively.
- Clear and concise communication skills, written and verbal
- A learner's mindset and a commitment to growth: welcoming diverse perspectives, giving and receiving timely, respectful feedback, and continuously improving through iterative learning and user input.
- A drive for impact and excellence: solving complex problems, making data-informed decisions, prioritizing what matters most, and continuously improving through learning, user input, and external benchmarking.
- A collaborative and empathetic approach: working across differences, fostering trust, and contributing to a culture of shared success
- Authorization to work in the United States
Application review will begin immediately and will continue until the position is filled. This role is expected to accept applications for a minimum of 5 business days. While the hiring process may vary, it generally includes: resume and application submission, recruiter phone/video screen, hiring manager interview, performance exercise such as live coding, a panel interview, a conversation with leadership and reference checks.
At College Board, we offer more than a paycheck- we provide a meaningful career, a supportive team, and a comprehensive package designed to help you thrive. We're a self-sustaining nonprofit that believes in fair and competitive compensation grounded in your qualifications, experience, impact, and the market. A Thoughtful Approach to Compensation
- The hiring range for this role is $72,000-$120,000.
- Your exact salary will depend on your location, experience, and how your background compares to others in similar roles at the College Board.
- We aim to make our best offer upfront, rooted in fairness, transparency, and market data.
- We adjust salaries by location to ensure fairness, no matter where you live.
About disABLEDperson
Sourced by ZipRecruiter
Industry
Human resources consulting services
Company size
1 - 10 Employees
Headquarters location
Encinitas, CA, US
Year founded
2002