The Cybersecurity Assessment Analyst will perform cybersecurity assessments on new and existing ... The Analyst will work with Third-Party Risk Management, Privacy and Legal Counsel, Procurement and ...
The Cybersecurity Assessment Analyst will perform cybersecurity assessments on new and existing ... The Analyst will work with Third-Party Risk Management, Privacy and Legal Counsel, Procurement and ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Cybersecurity Professional
Raleigh, NC · On-site
Coordinates audit engagements led by Internal Audit, Regulator, or external audit firm. • Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC ...
Cybersecurity Professional
Raleigh, NC · On-site
Coordinates audit engagements led by Internal Audit, Regulator, or external audit firm. • Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC ...
Third Party Cyber Security Assessor
$95K - $143K/yr
Evaluates a third parties information security risk with a holistic lens to determine if they meet ... Discusses any information security gaps in the service provider's program with the third party
Third Party Cyber Security Assessor
$95K - $143K/yr
Evaluates a third parties information security risk with a holistic lens to determine if they meet ... Discusses any information security gaps in the service provider's program with the third party
Third-Party Risk Consultant
Springfield, MA · On-site
$86K - $113K/yr
Bachelor's degree, preferably in technology, cybersecurity, risk management, or business-related field * 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit ...
Third-Party Risk Consultant
Springfield, MA · On-site
$86K - $113K/yr
Bachelor's degree, preferably in technology, cybersecurity, risk management, or business-related field * 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit ...
Third Party Cyber Security Assessor
Denver, CO · On-site
$95K - $143K/yr
Evaluates a third parties information security risk with a holistic lens to determine if they meet ... Discusses any information security gaps in the service provider's program with the third party
Third Party Cyber Security Assessor
Denver, CO · On-site
$95K - $143K/yr
Evaluates a third parties information security risk with a holistic lens to determine if they meet ... Discusses any information security gaps in the service provider's program with the third party
Third-Party Risk Consultant
Boston, MA · On-site
$86K - $113K/yr
Bachelor's degree, preferably in technology, cybersecurity, risk management, or business-related field * 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit ...
New
Third-Party Risk Consultant
Boston, MA · On-site
$86K - $113K/yr
Bachelor's degree, preferably in technology, cybersecurity, risk management, or business-related field * 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit ...
New
Third-Party Risk Consultant
Springfield, MA · On-site
$86K - $113K/yr
Bachelor's degree, preferably in technology, cybersecurity, risk management, or business-related field * 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit ...
New
Third-Party Risk Consultant
Springfield, MA · On-site
$86K - $113K/yr
Bachelor's degree, preferably in technology, cybersecurity, risk management, or business-related field * 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit ...
New
Third Party Cyber Security Assessor
$95K - $143K/yr
Evaluates a third parties information security risk with a holistic lens to determine if they meet ... Discusses any information security gaps in the service provider's program with the third party
Third Party Cyber Security Assessor
$95K - $143K/yr
Evaluates a third parties information security risk with a holistic lens to determine if they meet ... Discusses any information security gaps in the service provider's program with the third party
Perform cybersecurity risk assessments across IT, OT, cloud, and third-party environments, including enterprise systems and manufacturing/process control systems (PCS). * Facilitate risk workshops ...
Perform cybersecurity risk assessments across IT, OT, cloud, and third-party environments, including enterprise systems and manufacturing/process control systems (PCS). * Facilitate risk workshops ...
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Third-Party, Supply Chain & Subsidiary Risk ManagementOwn cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors.Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk ManagementOwn cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors.Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Third-Party, Supply Chain & Subsidiary Risk Management * Own cybersecurity risk management for third parties, suppliers, logistics partners, co-manufacturers, and SaaS vendors. * Define and enforce ...
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Cybersecurity Professional
Raleigh, NC · On-site
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
Cybersecurity Professional
Raleigh, NC · On-site
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc.). Assist with customer inquiries about Carpenter compliance related to ...
New
Third-Party Risk Analyst
Mclean, VA · On-site
$45 - $47/hr
Monitor and document third-party risk and cybersecurity trends. Documentation & Communications * Create professional communications including: * Procedures and guidance * Job aids * PowerPoint ...
Quick apply
Third-Party Risk Analyst
Mclean, VA · On-site
$45 - $47/hr
Monitor and document third-party risk and cybersecurity trends. Documentation & Communications * Create professional communications including: * Procedures and guidance * Job aids * PowerPoint ...
Third Party Cybersecurity Risk information
See salary details
$43K - $52.7K
1% of jobs
$52.7K - $62.5K
6% of jobs
$62.5K - $72.2K
10% of jobs
$78.8K is the 25th percentile. Wages below this are outliers.
$72.2K - $81.9K
12% of jobs
$81.9K - $91.6K
15% of jobs
The median wage is $95.8K / yr.
$91.6K - $101.4K
15% of jobs
$101.4K - $111.1K
10% of jobs
$115.3K is the 75th percentile. Wages above this are outliers.
$111.1K - $120.8K
16% of jobs
$120.8K - $130.5K
7% of jobs
$130.5K - $140.3K
5% of jobs
$140.3K - $150K
3% of jobs
$43K
$99.4K
$150K
How much do third party cybersecurity risk jobs pay per year?
How much does a third party risk analyst make?
Is third party risk management a good career?
What is third-party risk management in cybersecurity?
What is the difference between Third Party Cybersecurity Risk vs Cybersecurity Analyst?
| Aspect | Third Party Cybersecurity Risk | Cybersecurity Analyst |
|---|---|---|
| Certifications | ISO 27001, CISSP, CISA | CISSP, CompTIA Security+, CEH |
| Work Environment | Vendor assessments, risk management teams, client organizations | Security operations centers, IT departments, consulting firms |
| Industry Usage | Supply chain, vendor management, compliance | Network security, incident response, vulnerability assessment |
Third Party Cybersecurity Risk professionals focus on evaluating and managing risks from external vendors and partners, ensuring compliance and reducing supply chain vulnerabilities. Cybersecurity Analysts primarily monitor, analyze, and respond to security threats within an organization’s own systems. While both roles require security certifications and involve risk assessment, their focus areas and work environments differ significantly.
Can you make $500,000 a year in cyber security?

Contractor
Re-posted 18 days ago
Job description
Job Title: "Information Security Specialist" (Cyber security analysis)
Location: Bellevue WA
Duration: 9+ Months (with high possibility of extending into full time)
Job Description:
This position is in Corporate Information Security and under the direction of the Manager, Third-Party Cybersecurity Assessments. The Cybersecurity Assessment Analyst will perform cybersecurity assessments on new and existing third parties. The Analyst will construct detailed and summary reports of assessments, including customized reports, as needed. The Analyst will work with Subject Matter Experts (SME) to develop and apply risk assessment criteria (aligned with Policy) to new and existing suppliers using internal and external business intelligence. The Analyst will work with Third-Party Risk Management, Privacy and Legal Counsel, Procurement and Contract Managers, Compliance, and Business Owners to develop and maintain an internal service model that informs the business of key risks in a timely manner to limit unnecessary impediments and avoid bureaucracy.
Specific responsibilities:
- Coordinate the development of information security policies, standards and procedures. Work with key IT offices, data custodians and governance groups in the development of such policies. Ensure that company policies support compliance with external requirements. Oversee the dissemination of policies, standards and procedures to the user community
- Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and vendors
- Serve as the company compliance officer with respect to state and federal information security policies and regulations. Work with the -designated internal audit, SOX compliance, legal, and HR on compliance issues as necessary. Prepare and submit and submit required reports to external agencies.
- Develop and implement an Incident Reporting and Response System to address security incidents (breaches), respond to alleged policy violations, or complaints from external parties.
- Serve as the official company contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities.
- Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing.
Required Qualifications:
Talent management, results focus and inspirational leadership.
Essential Functions
Conduct third-party cybersecurity risk assessments, applying established criteria
Support assessment team with quality assurance reviews over work product and reporting
Collaborate with internal partners and third parties to mitigate and otherwise resolve third-party cyber risks
Consistently deliver on commitments, deadlines and objectives while remaining in scope and leveraging appropriate tools, methods, frameworks, and professional standards
Demonstrate consistent credibility with business partners and leadership while recommending initiatives, identifying gaps, and potential issues
Continuously demonstrate the ability to work independently while representing the services of the department with the highest level of professionalism
Demonstrate the ability to appropriately influence business decisions, and the professional judgment for selecting the appropriate methods and techniques to do so
Preferred Qualifications:
Solid background both educationally and via professional experience. No less than 3 years' professional experience in business operations, project/program management, finance, risk management, information security, business analytics or similar.
Experience in large companies and/or complex environments, or providing professional consulting services for them.
Demonstrated abilities in problem-solving and analysis: identifies issues, analyses information to assess root cause and relationships, risks, and potential risk responses. Proven ability to synthesize and summarize complex data into concise recommendations and reports.
Demonstrated strong business writing and professional oral communication skills.
Proven ability to balance multiple priorities, adapt to a constantly changing business environment, work independently, drive projects to completion, and meet deadlines in a fast-paced environment-with only periodic supervision.
Ability to work collaboratively and manage and initiate effective cross-functional relationships.
Strong computer skills, including MS Office products (e.g. Word, Excel, PowerPoint, Visio) and other business software to prepare reports, memos, summaries, and analyses.
Desired
Analytical - Synthesizes complex or diverse information; Collects and researches data; employs intuition and experience to complement data; Designs work flows and procedures.
Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness. Applies feedback to improve performance; Monitors own work to ensure quality
Planning/Organizing - Prioritizes and plans work activities to achieve success; Sets and achieves goals and objectives; Develops realistic action plans
Professionalism - Reacts well under pressure; Keeps commitments; Accepts responsibility for own actions.
Career Growth: Focus on cyber security auditing with potential advancement goals in engineering or threat analysis roles
Self-directed team player with Agile environment experience
Education
Minimum Required
Bachelor's Degree
Equivalent experience is acceptable.
License or Certification
Desired: (one of the following):
CISA (Certified Information Systems Auditor)
GSEC (GIAC Security Essentials Certification)
CompTIA - Security+
ECSA - EC-Council Certified Security Analyst
SSCP (Systems Security Certified Practitioner)
Other:
Six Sigma, PMP or Agile certificates
Other comments - suppliers:
Organizational skills; office suite knowledge; and good communication skills are "must haves". Cyber security analysis experience is preferred.
All your information will be kept confidential according to EEO guidelines.