ZipRecruiter

Log In

2

Third Party Risk Analyst Remote Jobs in California

Qcells

Counterparty Risk Analyst (Financial)

Irvine, CA · On-site +1

$75K - $95K/yr

EnFin's Risk Analyst is responsible for the analysis, structuring, and administration of the ... Remote work may be considered for exceptional cases. RESPONSIBILITIES * Perform due diligence and ...

Deloitte

Cyber Manager - ServiceNow

Fresno, CA · On-site +1

$110.20K - $148.90K/yr

... Third-Party Risk Management workstreams in partnership with architects and product owners ... Experience with Performance Analytics, Predictive Intelligence, Now Assist, or generative ...

Deloitte

Cyber Manager - ServiceNow

San Francisco, CA · On-site +1

$130.80K - $176.70K/yr

... Third-Party Risk Management workstreams in partnership with architects and product owners ... Experience with Performance Analytics, Predictive Intelligence, Now Assist, or generative ...

Deloitte

Cyber Manager - ServiceNow

San Diego, CA · On-site +1

$117.80K - $159.30K/yr

... Third-Party Risk Management workstreams in partnership with architects and product owners ... Experience with Performance Analytics, Predictive Intelligence, Now Assist, or generative ...

Deloitte

Cyber Manager - ServiceNow

Costa Mesa, CA · On-site +1

$119.10K - $160.90K/yr

... Third-Party Risk Management workstreams in partnership with architects and product owners ... Experience with Performance Analytics, Predictive Intelligence, Now Assist, or generative ...

Deloitte

Cyber Manager - ServiceNow

Inglewood, CA · On-site +1

$115.50K - $156.10K/yr

... Third-Party Risk Management workstreams in partnership with architects and product owners ... Experience with Performance Analytics, Predictive Intelligence, Now Assist, or generative ...

Deloitte

Cyber Manager - ServiceNow

Los Angeles, CA · On-site +1

$119.60K - $161.60K/yr

... Third-Party Risk Management workstreams in partnership with architects and product owners ... Experience with Performance Analytics, Predictive Intelligence, Now Assist, or generative ...

W3 Global Sourcing

Lead Engineer

San Francisco, CA · On-site +1

$120.80K - $159.10K/yr

Create data infrastructure that can be queried by AI agents for risk analysis and business ... Experience building data pipelines that integrate with third-party APIs. * Strong systems thinking ...

next page

Showing results 1-20

People also search for

All JobsThird Party Risk Analyst Remote JobsThird Party Risk Analyst Remote Jobs in California

Third Party Risk Analyst Remote information

What are the key skills and qualifications needed to thrive as a Third Party Risk Analyst (Remote), and why are they important?

To thrive as a Third Party Risk Analyst (Remote), you need a solid understanding of risk management frameworks, vendor due diligence, and compliance regulations, typically supported by a bachelor's degree in a related field. Familiarity with risk assessment tools, GRC (governance, risk, and compliance) platforms, and certifications such as CTPRA or CISA are often required. Strong analytical thinking, attention to detail, and effective communication are essential soft skills for evaluating and managing third-party risks collaboratively. These skills ensure organizations can identify, assess, and mitigate risks posed by external partners, maintaining regulatory compliance and protecting business interests.

How does a Third Party Risk Analyst collaborate with other departments in a remote work setting?

As a remote Third Party Risk Analyst, collaboration with departments such as procurement, legal, IT security, and compliance is typically achieved through regular virtual meetings and shared documentation platforms. You’ll often coordinate with these teams to assess vendor risks, review contracts, and ensure compliance with company policies. Clear communication and proactive follow-ups are key, as you may be managing multiple projects and stakeholders simultaneously. Building strong remote relationships helps streamline risk assessment processes and ensures effective risk mitigation strategies.

What does a Third Party Risk Analyst do?

A Third Party Risk Analyst is responsible for assessing and managing the risks associated with an organization’s external vendors or partners. They evaluate third parties to ensure they meet security, compliance, and operational standards. This role often involves conducting risk assessments, monitoring vendor performance, and recommending risk mitigation strategies. Working remotely, these analysts use digital tools to collaborate with internal teams and communicate with vendors.

What is the difference between Third Party Risk Analyst Remote vs Vendor Risk Analyst?

AspectThird Party Risk Analyst RemoteVendor Risk Analyst
CredentialsCertifications like CRISC, CISA often preferredSimilar certifications, often including CRISC, CISA
Work EnvironmentRemote, primarily online collaborationRemote or on-site, depending on company policy
Industry UsageFinancial, healthcare, technology sectorsFinancial, retail, manufacturing sectors
Job FocusAssessing third-party risks and complianceEvaluating vendor security and operational risks

The main difference is that a Third Party Risk Analyst Remote focuses on assessing risks posed by third-party entities across various industries, often working remotely. A Vendor Risk Analyst typically concentrates on evaluating specific vendors' security and operational risks, which may involve more direct vendor interactions. Both roles require similar certifications and work environments, but their scope and focus differ slightly.

What are the most commonly searched types of Third Party Risk Analyst jobs in California? The most popular types of Third Party Risk Analyst jobs in California are:
What are popular job titles related to Third Party Risk Analyst Remote jobs in California? For Third Party Risk Analyst Remote jobs in California, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Analyst Remote jobs in California look for? The top searched job categories for Third Party Risk Analyst Remote jobs in California are:
What cities in California are hiring for Third Party Risk Analyst Remote jobs? Cities in California with the most Third Party Risk Analyst Remote job openings:
Third Party Risk Analyst Remote jobs near you
Security Operations Engineer II

Security Operations Engineer II

StubHub

Los Angeles, CA • On-site, Remote

Other

Medical, Dental, Vision, Retirement

Posted 2 days ago

StubHub rating

7.0

Company rating: 7.0 out of 10

Based on 5 frontline employees who took The Breakroom Quiz

2nd of 3 rated ticket sellers

Job description

The Security Operations team owns incident response, threat detection, SIEM engineering, log management, and third-party security risk forming the frontline defense for StubHub's global operations.

As a Security Operations Engineer you will bring deep hands-on experience in incident response and threat detection. You will help extend the existing tooling, automation, and detection infrastructure that enables the team to operate at scale. This is not a purely operational role; we are looking for an engineer who writes production-quality code to solve security problems, architects detection pipelines, and help mature StubHub's SOC-less approach to Detection & Response.

You will work closely with Cloud and Infrastructure Security, Identity Engineering, and cross-functional stakeholders. Your work will directly shape how StubHub detects, responds to, and learns from threats.

Location: Hybrid (3 days in office/2 days remote) - New York, NY or Century City, CA 
 
What You'll Do:
  • Incident Response
    • Lead and coordinate security incident response end-to-end: detection, triage, containment, eradication, recovery, and post-incident review
    • Develop and maintain incident response playbooks
    • Drive root cause analysis and translate findings into durable improvements to detection and prevention capabilities
    • Act as an escalation point for complex or high-severity incidents across the organization
  • Threat Detection
    • Design, build, and tune detection rules, event correlation logic, and behavioral analytics across cloud, endpoint, network, and application data sources
    • Assist in maintaining a threat model for StubHub's environment and mapping detection coverage to the MITRE ATT&CK framework
    • Proactively hunt for threats and indicators of compromise across the environment
    • Collaborate with red team and pen test partners to validate detection coverage and identify gaps
  • SIEM & Log Engineering
    • Continually improve SIEM capabilities including data ingestion pipelines, normalization, enrichment, and alerting workflows
    • Own log collection strategy: define what gets collected, at what fidelity, and for how long across cloud providers, SaaS applications, endpoints, and internal services
    • Write and maintain parsers, ETL pipelines, and data transformation logic to ensure high-quality signal in the SIEM
    • Own and operate security tooling where needed (SIEM, SOAR, EDR, etc.)
  • Security Automation & Tooling
    • Write internal software in Python, Go, or similar  to automate detection, response, enrichment, and reporting workflows
    • Build integrations between security tools, internal APIs, and third-party services to accelerate analyst workflows and reduce mean time to respond
    • Develop dashboards, metrics, and reporting to communicate operational health and coverage to security leadership
    • Contribute to shared security infrastructure and internal libraries used across the security engineering organization
  • Third-Party Security
    • Support the third-party security program by evaluating vendor security posture, reviewing assessments, and triaging risk findings
    • Build or maintain tooling to automate third-party risk intake, tracking, and reporting
    • Collaborate with Legal, Procurement, and Engineering to ensure third-party risks are identified and remediated appropriately

What You've Done:

  • 3+ years of experience in security engineering, security operations, or a related discipline
  • Demonstrated, hands-on experience leading incident response efforts, including complex, multi-system investigations
  • Strong threat detection engineering experience: writing detection rules, tuning alerts, building correlation logic, and reducing false positive rates at scale
  • Proficiency in at least one programming or scripting language (Python strongly preferred; Go, Ruby, or Bash also relevant) - you regularly write code to solve security problems, not just configure tools
  • Deep familiarity with SIEM platforms (e.g., Splunk, ELK, Chronicle, Panther, or similar) including query languages and datra data onboarding.
  • Experience with cloud environments (AWS, GCP, or Azure) and the associated log sources, threat models, and detection strategies
  • Strong understanding of attacker tactics, techniques, and procedures (TTPs); experience mapping detections to MITRE ATT&CK
  • Excellent written and verbal communication skills; able to convey technical risk clearly to non-technical stakeholders

Preferred Experience: 

  • Experience operating in a SOC environment, either in-house or as part of an MSSP
  • Familiarity with SOAR platforms and automation-driven response workflows
  • Experience with threat intelligence platforms and operationalizing threat feeds into detection pipelines
  • Prior involvement in third-party or vendor security risk programs
  • Experience at high-growth technology companies or marketplaces where scale and velocity present unique security challenges
  • Familiarity with data engineering concepts - streaming pipelines, schema design, log normalization - applied to security contexts
  • Relevant certifications (GCIH, GCIA, GCFE, OSCP, or equivalent) are a plus, but not required

What We Offer:

  • Accelerated Growth Environment: An environment designed for swift skill and knowledge enhancement, where you have the autonomy to lead experiments and tests on a massive scale.
  • Top Tier Compensation Package: Competitive base, equity, and upside that tracks with your impact.
  • Flexible Time Off: Enjoy unlimited Flex Time Off, giving you the flexibility to manage your schedule and take time to recharge as needed.
  • Comprehensive Benefits Package: Prioritize your well-being with a comprehensive benefits package, featuring 401k, and premium Health, Vision, and Dental Insurance options.

Apply