Security Risk Assessment Jobs in Oregon (NOW HIRING)

Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.

How you can make a difference

At HealthEquity, we're obsessed with protecting what matters most: our members' health and financial wellbeing. As a Senior Third Party Risk Analyst, you'll play a critical role in ensuring the security, resilience, and integrity of the partners and technologies powering our platform.

This is more than a compliance role. You'll be at the intersection of cybersecurity, emerging AI risk, and operational excellence, helping evolve our Third Party Risk Management (TPRM) program to meet the pace of a fastmoving, highly regulated environment. If you enjoy solving complex problems, improving systems through automation, and making meaningful impact at scale - this role was built for you.

What you'll be doing 

• Conduct risk assessments for critical and operationally significant thirdparty entities, including cloud service providers, SaaS platforms, technology partners, and infrastructure providers.
• Identify, track, and drive remediation of control gaps and security risks uncovered throughout the assessment lifecycle.
• Stay ahead of emerging risks, including generative and agentic AI, and evolving regulatory expectations across financial services and healthcare.
• Partner closely with crossfunctional teams such as Procurement, Legal, Privacy, Security, AI Governance, and vendor business owners to manage thirdparty risk holistically.
• Develop and maintain key risk and performance metrics that demonstrate progress and maturity within the TPRM program.
• Lead efforts to automate repetitive and highvolume processes, leveraging advancements in AI to increase efficiency, quality, and speed.
• Introduce and evaluate AIenabled tools to enhance risk clarity, improve signaltonoise, and scale the program responsibly.
• Support other TPRM and governance activities as needed, contributing to a culture of continuous improvement. 

What you will need to be successful

• Bachelor's degree in Computer Science, Information Technology, Risk Management, or a related technical field.
• 5+ years of combined experience in information security, cybersecurity, or technical/analytical roles.
• Experience operating in fastpaced, highaccountability environments where prioritization and time sensitivity matter.
• 2-5 years of handson cybersecurity experience, ideally within financial services or healthcare.
• Strong understanding of security and AI control frameworks, such as:
  • NIST Cybersecurity Framework (CSF)
  • NIST AI Risk Management Framework (AI RMF)
  • ISO 42001
• Prior experience with TPRM / GRC platforms, including tools such as Vanta, Archer, or ServiceNow.
• Familiarity with cybersecurity risk rating services (e.g., RiskRecon, SecurityScorecard, BitSight).
• Working knowledge of audits, regulatory exams, and attestations, including SOC 2 Type II, ISO 27001, HITRUST, and similar frameworks.
• Ability to review and interpret technical evidence demonstrating cybersecurity validation and compliance (e.g., SCA, SAST, DAST, penetration testing).
• Excellent written and verbal communication skills, with the ability to translate between technical and nontechnical audiences.
• Experience reviewing technical policies and contributing to standard operating procedures.
• Strong command of the Microsoft ecosystem, including PowerPoint, Excel, Word, SharePoint, and Power BI.
• Demonstrated ability to use AI solutions securely and effectively, such as Microsoft Copilot, Gemini, Anthropic, or ChatGPT, to improve workflows and outcomes.
• One or more cybersecurity certifications, such as CISSP, CISA, CISM, CRISC, or equivalent.
• Demonstrated understanding of cybersecurity and AI governance frameworks, including NIST CSF and NIST AI RMF.

#LI-Remote

This is a remote position.

The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:

• Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Uncapped paid time off
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education& tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives

Onboarding & Travel

This is a remote role, with an in-person onboarding training component. New team members must participate in Trailhead, HealthEquity's immersive onboarding experience Trailhead is designed to foster meaningful connections, support your integration into the organization, and equip you with a strong understanding of our business. Trailhead participation is a key expectation of this role. Trailhead is held onsite at our headquarters once per quarter. HealthEquity covers all required travel and accommodations. 

This role may begin with a virtual, self-paced onboarding experience, followed by a mandatory onsite Trailhead session at a later date.

HealthEquity is committed to providing reasonable accommodations to team members with qualifying disabilities. Should you be selected for this role and require an accommodation, we will put you in touch with our Benefits Team so you can begin the accommodation request process.

HealthEquity has a vision that by2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more. 

You belong at HealthEquity!

HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity - you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity's applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity uses Microsoft Copilot to transcribe screening interviews between candidates and their direct Talent Partner for note taking and interview summaries. By scheduling a screening interview with us, you consent to Microsoft Copilot's AI technology recording and transcribing your interview with your Talent Partner. This information will be reviewed for accuracy and then used by HealthEquity to summarize the interview, ensure accuracy, and facilitate our hiring process. We take privacy seriously. You have the option to opt out. If you wish to opt out of this Microsoft Copilot transcription, please notify your Talent Partner in advance of the interview. If we do not receive an opt-out request from you, we will assume that you consent to the use of Microsoft Copilot.

At HealthEquity, our goal is to save and improve lives by empowering healthcare consumers. This shared purpose inspires everything we do, including how we approach hiring. Our process is designed to get to know the real you: your skills, experiences, and potential to make a difference. We value honesty, originality, and the courage to do the right thing, even when it is not the easiest path. Showing up as your authentic self reflects these values and helps us build something truly remarkable together.

As AI is becoming a common tool throughout the application process, we want to be clear about its appropriate use at HealthEquity. Using AI to support resume writing, research, or interview preparation is perfectly acceptable, provided the content is accurate and genuinely represents your qualifications and skills.  For other key parts of our interview process, however, it is important that the ideas, communication, and work you share reflect your own voice, experiences, and thinking. We ask that you participate in our live interviews and complete any assessments without AI assistance unless instructions explicitly indicate otherwise or a specific exception is discussed and approved in advance. This approach ensures fairness, celebrates your individuality, and allows your authentic perspective to shine. Behaviors that do not align with these guidelines may result in disqualification from the hiring process or termination of employment if later discovered. We appreciate your understanding and look forward to learning about the unique contributions only you can bring to HealthEquity.

HealthEquity is committed to your privacy as an applicant for employment.  For information on our privacy policies and practices, please visit HealthEquity Privacy.