1

Senior Third Party Risk Analyst Jobs (NOW HIRING)

Senior Cybersecurity Third-Party Risk Analyst

Dallas, TX · Remote

$98K - $127K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Tempe, AZ · Remote

$95K - $123K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Everett, WA · Remote

$110K - $142K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Mesa, AZ · Remote

$99K - $128K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Seattle, WA · Remote

$113K - $146K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Denver, CO · Remote

$102K - $132K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

Senior Cybersecurity Third-Party Risk Analyst

Chicago, IL · Remote

$103K - $132K/yr

Senior Cybersecurity Third-Party Risk Analyst Company: The Boeing Company We are seeking a highly experienced Senior Cybersecurity Third-Party Risk Analyst to perform advanced, technical assessments ...

Posted today

As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality assurance functions and execute Third Party Vendor Assessment reviews. This will include managing relationships ...

next page

Showing results 1-20

Senior Third Party Risk Analyst information

See salary details

$53.5K

$109.8K

$142.5K

How much do senior third party risk analyst jobs pay per year?

As of Jul 8, 2026, the average yearly pay for senior third party risk analyst in the United States is $109,846.00, according to ZipRecruiter salary data. Most workers in this role earn between $90,500.00 and $137,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Senior Third Party Risk Analyst, and why are they important?

To thrive as a Senior Third Party Risk Analyst, you need expertise in risk management, vendor assessment, and regulatory compliance, often supported by a bachelor’s degree in business, finance, or a related field. Familiarity with GRC tools (such as Archer or OneTrust), risk assessment frameworks, and relevant certifications like CTPRA or CISA are typically required. Strong analytical thinking, communication skills, and stakeholder management set top performers apart in this role. These skills ensure effective identification and mitigation of third-party risks, safeguarding organizational integrity and regulatory adherence.

How does a Senior Third Party Risk Analyst typically collaborate with other departments to manage vendor risks?

As a Senior Third Party Risk Analyst, you will frequently collaborate with teams such as procurement, legal, IT security, and compliance to assess and manage vendor risks. This involves coordinating risk assessments, facilitating due diligence processes, and sharing findings to inform contract negotiations and ongoing vendor management. Effective communication and cross-functional teamwork are essential, as you'll often serve as a liaison to ensure that third-party risks are properly identified, documented, and mitigated across the organization.

What is the difference between Senior Third Party Risk Analyst vs Third Party Risk Analyst?

AspectSenior Third Party Risk AnalystThird Party Risk Analyst
Required CredentialsBachelor's degree, certifications like CTPRP or CRISC, experience in risk managementBachelor's degree, certifications like CTPRP or CRISC, entry to mid-level experience
Work EnvironmentFinancial institutions, large corporations, consulting firmsFinancial services, healthcare, technology companies
Employer & Industry UsageUsed in organizations with complex third-party relationshipsCommon in industries with third-party dependencies

The Senior Third Party Risk Analyst typically has more experience and handles complex risk assessments, often leading initiatives. The Third Party Risk Analyst is usually an entry to mid-level role focused on supporting risk evaluations. Both roles require similar credentials but differ in responsibility level and scope.

What is a Senior Third Party Risk Analyst?

A Senior Third Party Risk Analyst is a professional responsible for evaluating and monitoring the risks associated with a company’s external vendors, suppliers, and service providers. They assess potential security, financial, compliance, and operational risks that third parties may pose to the organization. This role typically involves conducting due diligence, developing risk assessment frameworks, and collaborating with internal teams to ensure regulatory compliance and protect sensitive data. Senior analysts often lead risk assessment initiatives, mentor junior analysts, and work closely with stakeholders to mitigate identified risks. Their work is crucial in safeguarding the organization from potential disruptions and reputational harm.
More about Senior Third Party Risk Analyst jobs
What cities are hiring for Senior Third Party Risk Analyst jobs? Cities with the most Senior Third Party Risk Analyst job openings:
What are the most commonly searched types of Third Party Risk Analyst jobs? The most popular types of Third Party Risk Analyst jobs are:
What states have the most Senior Third Party Risk Analyst jobs? States with the most job openings for Senior Third Party Risk Analyst jobs include:
What job categories do people searching Senior Third Party Risk Analyst jobs look for? The top searched job categories for Senior Third Party Risk Analyst jobs are:
Infographic showing various Senior Third Party Risk Analyst job openings in the United States as of July 2026, with employment types broken down into 93% Full Time, and 7% Temporary. Highlights an 80% In-person, 13% Hybrid, and 7% Remote job distribution, with an average salary of $109,846 per year, or $52.8 per hour.
Senior Third Party Risk & Controls Specialist

Senior Third Party Risk & Controls Specialist

HubSpot

Cambridge, MA • Remote

Other

Posted yesterday

New


Job description

HubSpot is seeking a Senior Third Party Risk & Integration Security Engineer to join our expanding IAM, Third Party Risk Management, and Enterprise Application Management team. This role is based on the idea of "external party security" and combines technical security assessment expertise in vendor risk management, focusing on evaluating third-party applications, emerging AI technologies, and integration security. The ideal candidate will conduct technical assessments of vendor security controls while also supporting broader software management and identity and access management initiatives across the organization.
This role is remote; candidates must be based in the Eastern Time Zone (ET).

What you'll do

Third-Party Risk Assessment (Primary Focus - 60%)

  • Conduct technical security assessments of third-party applications, vendors, and service providers beyond traditional questionnaire-based reviews
  • Evaluate API security, authentication mechanisms, data flows, and integration architectures for vendor solutions
  • Assess generative AI vulnerabilities in third-party applications, including model security, data privacy, and information disclosure risks
  • Perform security reviews of Model Context Protocol (MCP) servers and implementations
  • Review vendor security documentation, architecture diagrams, and technical controls
  • Identify security gaps and provide risk-based recommendations and guardrails to stakeholders
  • Collaborate with procurement, legal, and business teams on vendor onboarding and ongoing monitoring requirements.
IAM & Enterprise Application Management (40%)
  • Support Shadow IT discovery and risk assessment initiatives using enterprise tooling
  • Evaluate security risks associated with unsanctioned applications and browser extensions
  • Assist with managing and reducing risk relating to non-human identity (NHI) including service accounts and API keys.
  • Assess access control implementations across enterprise applications and also members of HubSpot's global contractor base.
  • Review OAuth grants, SAML configurations, and application integrations for security risks
  • Support identity governance initiatives and access certification processes
  • Collaborate and support the enterprise application management team on shared security initiatives

What we're looking for 

  • 5+ years of experience in application security, vendor risk management, cloud security, and/or related field
  • Experience with security frameworks (NIST CSF, ISO 27001, SOC 2, etc.)
  • Strong understanding of API security (REST, GraphQL, authentication/authorization)
  • Strong understanding of IAM principles (RBAC, ABAC, least privilege) and modern authentication protocols (OAuth 2.0, SAML)
  • Experience with non-human identity management (service accounts, API tokens, certificates)
  • Understanding of SaaS architectures, access controls, and integration security
  • Excellent prioritization, organization, and time management skills to suit a high-volume environment.
  • Understanding of LLM and generative AI security challenges and the emerging threat landscape.
  • Strong project management and communication skills to support a highly cross-functional work environment.
  • Working knowledge of privacy and compliance standards (GDPR, CCPA, HIPAA)
  • Background in technical due diligence or managing large-scale supplier security programs (preferred)
  • Certifications such as CISSP, CCSP, CISM, or CRISC are a plus