Vendor Risk Assessment (VRA): * Conduct thorough risk assessments for potential and existing ... For positions that are available as remote work, Sentara Health employs associates in the following ...
Vendor Risk Assessment (VRA): * Conduct thorough risk assessments for potential and existing ... For positions that are available as remote work, Sentara Health employs associates in the following ...
Cyber Risk Analyst SME
Arlington, VA · On-site +1
We are seeking a Cyber Risk Analyst (SME-level ... This role involves conducting on-site and remote cyber risk assessments, developing mitigation ...
Cyber Risk Analyst SME
Arlington, VA · On-site +1
We are seeking a Cyber Risk Analyst (SME-level ... This role involves conducting on-site and remote cyber risk assessments, developing mitigation ...
Cybersecurity Supply Chain Risk Management Subject Matter Expert (Anticipated Position)
Arlington, VA · Remote
Remote / virtual support, aligned to Eastern Time core hours Clearance Required: Active Top Secret ... Review current vendor risk assessment processes covering supplier ownership, foreign influence ...
Cybersecurity Supply Chain Risk Management Subject Matter Expert (Anticipated Position)
Arlington, VA · Remote
Remote / virtual support, aligned to Eastern Time core hours Clearance Required: Active Top Secret ... Review current vendor risk assessment processes covering supplier ownership, foreign influence ...
Sr. Analyst - SCRM
VA · On-site +1
$88K - $116K/yr
General information Job Posting Title Sr. Analyst - SCRM Date Thursday, May 28, 2026 City Remote ... party/vendor risk management (TPRM), federal compliance, or related risk/governance functions ...
Sr. Analyst - SCRM
VA · On-site +1
$88K - $116K/yr
General information Job Posting Title Sr. Analyst - SCRM Date Thursday, May 28, 2026 City Remote ... party/vendor risk management (TPRM), federal compliance, or related risk/governance functions ...
Information Security Director (ISD)
Chantilly, VA · On-site +1
This is a remote position with regular collaboration across time zones. ESSENTIAL FUNCTIONS ... vendor risk exposure, and program maturity * Direct and mentor the Information Security Analyst and ...
Information Security Director (ISD)
Chantilly, VA · On-site +1
This is a remote position with regular collaboration across time zones. ESSENTIAL FUNCTIONS ... vendor risk exposure, and program maturity * Direct and mentor the Information Security Analyst and ...
Principal IT Risk Management Analyst
Herndon, VA · On-site +1
The Principal IT Risk Management Analyst is a senior-level role responsible for leading and ... remote location. * This role may require lifting, however reasonable accommodations will be ...
Principal IT Risk Management Analyst
Herndon, VA · On-site +1
The Principal IT Risk Management Analyst is a senior-level role responsible for leading and ... remote location. * This role may require lifting, however reasonable accommodations will be ...
Lead Analyst, Risk Reporting
Richmond, VA · On-site +1
The Lead Analyst, Risk Reporting will serve as the primary architect for Markel's risk storytelling, translating complex internal risk data into high-visibility reports for regulators, the Board and ...
Lead Analyst, Risk Reporting
Richmond, VA · On-site +1
The Lead Analyst, Risk Reporting will serve as the primary architect for Markel's risk storytelling, translating complex internal risk data into high-visibility reports for regulators, the Board and ...
Senior Analyst, Risk Intelligence
Richmond, VA · On-site +1
The Senior Analyst, Risk Intelligence is responsible for translating risk insight into practical decision support to help Markel's decentralized leadership remain within established guardrails while ...
Senior Analyst, Risk Intelligence
Richmond, VA · On-site +1
The Senior Analyst, Risk Intelligence is responsible for translating risk insight into practical decision support to help Markel's decentralized leadership remain within established guardrails while ...
Program Analyst -Army Risk Reduction and Prevention Visualization Dashboard
Arlington, VA · On-site +1
Summary: Supports the Army Risk Reduction and Prevention Visualization Dashboard (CRRT) by delivering analytical and technical assistance, including data integration, system support, and user ...
Program Analyst -Army Risk Reduction and Prevention Visualization Dashboard
Arlington, VA · On-site +1
Summary: Supports the Army Risk Reduction and Prevention Visualization Dashboard (CRRT) by delivering analytical and technical assistance, including data integration, system support, and user ...
IT Vendor Financials & Contract Manager
Richmond, VA · On-site +1
... optimization, risk alignment, and governance maturity across the vendor portfolio. This role ... Support data-driven technology decision-making through analytics and reporting Automation ...
IT Vendor Financials & Contract Manager
Richmond, VA · On-site +1
... optimization, risk alignment, and governance maturity across the vendor portfolio. This role ... Support data-driven technology decision-making through analytics and reporting Automation ...
... analytics, and AI-enabled capabilities. * Own the third-party risk framework and partner across ... Ability to travel 0-10%, on average, based on the work you do; this role is predominantly remote ...
... analytics, and AI-enabled capabilities. * Own the third-party risk framework and partner across ... Ability to travel 0-10%, on average, based on the work you do; this role is predominantly remote ...
Guide customers through vendor risk assessments, architecture reviews, penetration tests, and ... analytics, safe AI access, compliant data sharing) * Negotiate complex contracts: Navigate DPAs ...
Guide customers through vendor risk assessments, architecture reviews, penetration tests, and ... analytics, safe AI access, compliant data sharing) * Negotiate complex contracts: Navigate DPAs ...
Guide customers through vendor risk assessments, architecture reviews, penetration tests, and ... analytics, safe AI access, compliant data sharing) * Negotiate complex contracts: Navigate DPAs ...
Guide customers through vendor risk assessments, architecture reviews, penetration tests, and ... analytics, safe AI access, compliant data sharing) * Negotiate complex contracts: Navigate DPAs ...
Risk, Quality and Performance Analyst
VA · On-site +1
This role is remote. The Risk, Quality, and Performance Analyst serves as the Risk, Quality, and Performance Analyst supporting an enterprise IT services contract. This role is responsible for ...
Risk, Quality and Performance Analyst
VA · On-site +1
This role is remote. The Risk, Quality, and Performance Analyst serves as the Risk, Quality, and Performance Analyst supporting an enterprise IT services contract. This role is responsible for ...
Data Loss Prevention Analyst
Vienna, VA · On-site +1
Incident Response & Risk Analysis * Support response activities for confirmed data loss events ... Support initiatives to align DLP coverage with evolving business processes, vendors, and tools.
Data Loss Prevention Analyst
Vienna, VA · On-site +1
Incident Response & Risk Analysis * Support response activities for confirmed data loss events ... Support initiatives to align DLP coverage with evolving business processes, vendors, and tools.
Risk Assessment Analyst with Security Clearance
Alexandria, VA · On-site +1
$90K - $140K/yr
Risk Assessment Analyst Location: Alexandria, VA Work Type: Full-Time / Hybrid Remote Work: 50% Cyber threats are everywhere, and the constantly evolving nature of these threats can make ...
Risk Assessment Analyst with Security Clearance
Alexandria, VA · On-site +1
$90K - $140K/yr
Risk Assessment Analyst Location: Alexandria, VA Work Type: Full-Time / Hybrid Remote Work: 50% Cyber threats are everywhere, and the constantly evolving nature of these threats can make ...
Sentara is hiring for a Cybersecurity Analyst! This position is fully remote! Overview Responsible ... Collaborate with clinical, IT, compliance, and third-party vendors to assess risk and remediate ...
Sentara is hiring for a Cybersecurity Analyst! This position is fully remote! Overview Responsible ... Collaborate with clinical, IT, compliance, and third-party vendors to assess risk and remediate ...
Cybersecurity Analyst - Remote
Norfolk, VA · On-site +1
Sentara is hiring for a Cybersecurity Analyst! This position is fully remote! Overview Responsible ... Collaborate with clinical, IT, compliance, and third-party vendors to assess risk and remediate ...
Cybersecurity Analyst - Remote
Norfolk, VA · On-site +1
Sentara is hiring for a Cybersecurity Analyst! This position is fully remote! Overview Responsible ... Collaborate with clinical, IT, compliance, and third-party vendors to assess risk and remediate ...
Senior Analyst - Risk Management (Finance Governance)
Arlington, VA · Remote
$80K - $134K/yr
... vendor oversight * As needed, support Finance teams with Controls Report Testing Program (CRTP) and ... Ability to analyze risk and control issues, identify root causes, and support remediation efforts
Senior Analyst - Risk Management (Finance Governance)
Arlington, VA · Remote
$80K - $134K/yr
... vendor oversight * As needed, support Finance teams with Controls Report Testing Program (CRTP) and ... Ability to analyze risk and control issues, identify root causes, and support remediation efforts
Data Loss Prevention (DLP) Analyst
Merrifield, VA · On-site +1
$40/hr
... risk through process and control improvements. The ideal candidate combines analytical ... vendors, and tools Project & Process Support - Assist in DLP-related projects including rule tuning ...
Data Loss Prevention (DLP) Analyst
Merrifield, VA · On-site +1
$40/hr
... risk through process and control improvements. The ideal candidate combines analytical ... vendors, and tools Project & Process Support - Assist in DLP-related projects including rule tuning ...
Remote Vendor Risk Analyst information
Can a risk analyst work remotely?
A remote Vendor Risk Analyst can work from home or any location with internet access, depending on the employer’s policies. Many organizations in this role utilize digital tools and require strong communication skills, making remote work feasible and common in the field.
What is a vendor risk analyst?
A vendor risk analyst is a professional responsible for assessing and managing risks associated with third-party vendors and suppliers. They evaluate vendor security, compliance, and performance, often using risk management tools and frameworks to ensure organizational safety and regulatory adherence.
Is risk analyst a good career?
A risk analyst role involves identifying and assessing potential threats to an organization, often requiring strong analytical skills and knowledge of industry regulations. It is considered a stable career with opportunities for advancement, especially in finance, insurance, and cybersecurity sectors. The role may require certifications such as FRM or CRM and proficiency with data analysis tools.
Is risk analyst an entry level job?
A risk analyst role can be entry level or require several years of experience, depending on the organization. Entry-level risk analyst positions typically require a bachelor's degree in finance, business, or a related field, and may involve basic data analysis skills and familiarity with risk management tools. Advanced roles may require certifications like FRM or CRM and more extensive experience.
What are the most commonly searched types of Vendor Risk Analyst jobs in Virginia? The most popular types of Vendor Risk Analyst jobs in Virginia are:
What are popular job titles related to Remote Vendor Risk Analyst jobs in Virginia? For Remote Vendor Risk Analyst jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Remote Vendor Risk Analyst jobs in Virginia look for? The top searched job categories for Remote Vendor Risk Analyst jobs in Virginia are:
What cities in Virginia are hiring for Remote Vendor Risk Analyst jobs? Cities in Virginia with the most Remote Vendor Risk Analyst job openings:
Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 27 days ago
Sentara Health rating
6.8
Based on 385 frontline employees who took The Breakroom Quiz
488th of 873 rated healthcare providers
Job description
City/State
Norfolk, VA
Work Shift
First (Days)
Overview:
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization effectively manages risks associated with third-party vendors and partners throughout the entire third-party lifecycle, including vendor selection, contract negotiation, ongoing monitoring, and termination. This involves not only identifying and evaluating risks but also collaborating with various teams, particularly Legal and Procurement, to embed risk mitigation strategies into contractual agreements.
Key responsibilities
Education
Certification/Licensure
Experience
Keywords: TPRM, Third party Risk assessment
Benefits: Caring For Your Family and Your Career
• Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to 10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance - 5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down - 10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.
Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
In support of our mission "to improve health every day," this is a tobacco-free environment.
For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.
Norfolk, VA
Work Shift
First (Days)
Overview:
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization effectively manages risks associated with third-party vendors and partners throughout the entire third-party lifecycle, including vendor selection, contract negotiation, ongoing monitoring, and termination. This involves not only identifying and evaluating risks but also collaborating with various teams, particularly Legal and Procurement, to embed risk mitigation strategies into contractual agreements.
Key responsibilities
- Vendor Risk Assessment (VRA):
- Conduct thorough risk assessments for potential and existing vendors, focusing on various risk types, including cybersecurity, operational, financial, and compliance risks.
- Utilize and potentially create vendor risk assessment questionnaires to gather detailed information about vendor practices, including data security policies, internal controls, compliance posture, and business continuity plans.
- Analyze questionnaire responses and other relevant information to identify deficiencies, areas for remediation, and categorize vendors based on risk levels.
- Engage with stakeholders to communicate assessment results, address security concerns, and collaborate on potential remediation actions.
- Perform periodic reviews and reassessments of existing vendors to ensure ongoing compliance and address evolving risks.
- Contract Negotiation:
- Partner with Legal and Procurement teams during contract negotiations to ensure security, privacy, and other relevant risk clauses are adequately addressed.
- Provide expert guidance on acceptable and unacceptable contract terms related to risk management, service level agreements (SLAs), and data protection.
- Work to define and include clear performance standards, due diligence requirements, and exit strategies within contracts.
- TPRM program development and maintenance:
- Support the development, maintenance, and enhancement of the organization's Third-Party Risk Management program and framework.
- Develop and update TPRM procedures to ensure alignment with organizational policies and regulatory requirements.
- Identify and implement process efficiencies within the TPRM program and perform analyses on team metrics to enhance effectiveness.
- Stakeholder collaboration and communication:
- Build and maintain strong relationships with internal stakeholders across departments such as Legal, Procurement, Information Security, and Business Units.
- Provide TPRM guidance and training to Vendor Relationship Owners and business partners on risk management practices.
- Communicate identified risks, assessment results, and mitigation strategies to stakeholders, including senior management, clearly and concisely.
- Ongoing monitoring and remediation:
- Track identified risks associated with third parties and ensure timely reviews are performed.
- Monitor key supplier performance against established SLAs and regulatory requirements.
- Track and collaborate with internal partners and vendors to remediate any risk-related issues.
Education
- Bachelor's degree in a relevant field such as Business, Finance, Information Technology, or a related discipline (Preferred)
- Experience in lieu of Bachelor's Degree -7+ years of relevant experience without a degree
Certification/Licensure
- CISA, CRISC, CISM, CISSP, or other relevant certifications are preferred
Experience
- 5+ years of relevant experience with a degree
- Strong understanding of Third-Party Risk Management (TPRM) principles, concepts, and best practices.
- Experience in conducting vendor risk assessments and evaluating internal controls, potentially leveraging frameworks like ISO 27001/2, NIST 800-53, NIST CSF, SOC1/SOC2, CSA CCM, and Shared Assessments SIG.
- Working knowledge of contract management principles and practices, including contract negotiation and analysis.
- Excellent communication skills, both written and verbal, with the ability to effectively articulate security control requirements, assessment results, and risk considerations to diverse audiences.
- Strong analytical, critical thinking, and problem-solving skills, with the ability to digest and analyze complex information with attention to detail and accuracy.
- Ability to work collaboratively in a cross-functional environment and build strong relationships with internal and external partners.
- Proficiency in Microsoft Office Suite (Excel, PowerPoint, Word) and potentially GRC (Governance, Risk, and Compliance) tools like OneTrust (highly desirable), Archer, or ServiceNow
Keywords: TPRM, Third party Risk assessment
Benefits: Caring For Your Family and Your Career
• Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to 10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance - 5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down - 10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.
Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
In support of our mission "to improve health every day," this is a tobacco-free environment.
For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.
What Sentara Health employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Sentara Health
Sourced by ZipRecruiter
Industry
Hospitals
Company size
10,000+ Employees
Headquarters location
Norfolk, VA, US
Year founded
1888