ZipRecruiter

Log In

2

Third Party Risk Analyst Remote Jobs in Virginia

Exiger

Enterprise Customer Success Manager

Mclean, VA · Remote

Familiarity with third-party risk management, supply chain risk, or compliance technology preferred ... remote Exiger is named a Leader in the Gartner ® Magic Quadrant™ for Supplier Risk Management ...

Sentara

Cybersecurity Analyst - Remote

Norfolk, VA · Remote

Sentara is hiring for a Cybersecurity Analyst! This position is fully remote! Overview Responsible ... Collaborate with clinical, IT, compliance, and third-party vendors to assess risk and remediate ...

ICF

Salesforce Business Analyst (Remote)

Reston, VA · Remote

Salesforce Business Analyst The Work: ICF seeks an experienced Salesforce Business Analyst to ... 3rd party systems, and built using Agile methodology. Job Location: Remote work is authorized. Must ...

next page

Showing results 1-20

People also search for

All JobsThird Party Risk Analyst JobsThird Party Risk Analyst Remote JobsThird Party Risk Analyst Remote Jobs in Virginia

Third Party Risk Analyst Remote information

What are the key skills and qualifications needed to thrive as a Third Party Risk Analyst (Remote), and why are they important?

To thrive as a Third Party Risk Analyst (Remote), you need a solid understanding of risk management frameworks, vendor due diligence, and compliance regulations, typically supported by a bachelor's degree in a related field. Familiarity with risk assessment tools, GRC (governance, risk, and compliance) platforms, and certifications such as CTPRA or CISA are often required. Strong analytical thinking, attention to detail, and effective communication are essential soft skills for evaluating and managing third-party risks collaboratively. These skills ensure organizations can identify, assess, and mitigate risks posed by external partners, maintaining regulatory compliance and protecting business interests.

How does a Third Party Risk Analyst collaborate with other departments in a remote work setting?

As a remote Third Party Risk Analyst, collaboration with departments such as procurement, legal, IT security, and compliance is typically achieved through regular virtual meetings and shared documentation platforms. You’ll often coordinate with these teams to assess vendor risks, review contracts, and ensure compliance with company policies. Clear communication and proactive follow-ups are key, as you may be managing multiple projects and stakeholders simultaneously. Building strong remote relationships helps streamline risk assessment processes and ensures effective risk mitigation strategies.

What does a Third Party Risk Analyst do?

A Third Party Risk Analyst is responsible for assessing and managing the risks associated with an organization’s external vendors or partners. They evaluate third parties to ensure they meet security, compliance, and operational standards. This role often involves conducting risk assessments, monitoring vendor performance, and recommending risk mitigation strategies. Working remotely, these analysts use digital tools to collaborate with internal teams and communicate with vendors.

What is the difference between Third Party Risk Analyst Remote vs Vendor Risk Analyst?

AspectThird Party Risk Analyst RemoteVendor Risk Analyst
CredentialsCertifications like CRISC, CISA often preferredSimilar certifications, often including CRISC, CISA
Work EnvironmentRemote, primarily online collaborationRemote or on-site, depending on company policy
Industry UsageFinancial, healthcare, technology sectorsFinancial, retail, manufacturing sectors
Job FocusAssessing third-party risks and complianceEvaluating vendor security and operational risks

The main difference is that a Third Party Risk Analyst Remote focuses on assessing risks posed by third-party entities across various industries, often working remotely. A Vendor Risk Analyst typically concentrates on evaluating specific vendors' security and operational risks, which may involve more direct vendor interactions. Both roles require similar certifications and work environments, but their scope and focus differ slightly.

What are the most commonly searched types of Third Party Risk Analyst jobs in Virginia? The most popular types of Third Party Risk Analyst jobs in Virginia are:
What are popular job titles related to Third Party Risk Analyst Remote jobs in Virginia? For Third Party Risk Analyst Remote jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Analyst Remote jobs in Virginia look for? The top searched job categories for Third Party Risk Analyst Remote jobs in Virginia are:
What cities in Virginia are hiring for Third Party Risk Analyst Remote jobs? Cities in Virginia with the most Third Party Risk Analyst Remote job openings:
Third Party Risk Analyst Remote jobs near you
Senior Analyst - Third Party Risk Management

Senior Analyst - Third Party Risk Management

Sentara Healthcare

Norfolk, VA • On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 6 days ago

Sentara Health rating

6.8

Company rating: 6.8 out of 10

Based on 379 frontline employees who took The Breakroom Quiz

489th of 864 rated healthcare providers

Job description

City/State
Norfolk, VA
Work Shift
First (Days)
Overview:
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization effectively manages risks associated with third-party vendors and partners throughout the entire third-party lifecycle, including vendor selection, contract negotiation, ongoing monitoring, and termination. This involves not only identifying and evaluating risks but also collaborating with various teams, particularly Legal and Procurement, to embed risk mitigation strategies into contractual agreements.
Key responsibilities
  • Vendor Risk Assessment (VRA):
    • Conduct thorough risk assessments for potential and existing vendors, focusing on various risk types, including cybersecurity, operational, financial, and compliance risks.
    • Utilize and potentially create vendor risk assessment questionnaires to gather detailed information about vendor practices, including data security policies, internal controls, compliance posture, and business continuity plans.
    • Analyze questionnaire responses and other relevant information to identify deficiencies, areas for remediation, and categorize vendors based on risk levels.
    • Engage with stakeholders to communicate assessment results, address security concerns, and collaborate on potential remediation actions.
    • Perform periodic reviews and reassessments of existing vendors to ensure ongoing compliance and address evolving risks.
  • Contract Negotiation:
    • Partner with Legal and Procurement teams during contract negotiations to ensure security, privacy, and other relevant risk clauses are adequately addressed.
    • Provide expert guidance on acceptable and unacceptable contract terms related to risk management, service level agreements (SLAs), and data protection.
    • Work to define and include clear performance standards, due diligence requirements, and exit strategies within contracts.
  • TPRM program development and maintenance:
    • Support the development, maintenance, and enhancement of the organization's Third-Party Risk Management program and framework.
    • Develop and update TPRM procedures to ensure alignment with organizational policies and regulatory requirements.
    • Identify and implement process efficiencies within the TPRM program and perform analyses on team metrics to enhance effectiveness.
  • Stakeholder collaboration and communication:
    • Build and maintain strong relationships with internal stakeholders across departments such as Legal, Procurement, Information Security, and Business Units.
    • Provide TPRM guidance and training to Vendor Relationship Owners and business partners on risk management practices.
    • Communicate identified risks, assessment results, and mitigation strategies to stakeholders, including senior management, clearly and concisely.
  • Ongoing monitoring and remediation:
    • Track identified risks associated with third parties and ensure timely reviews are performed.
    • Monitor key supplier performance against established SLAs and regulatory requirements.
    • Track and collaborate with internal partners and vendors to remediate any risk-related issues.

Education
  • Bachelor's degree in a relevant field such as Business, Finance, Information Technology, or a related discipline (Preferred)
  • Experience in lieu of Bachelor's Degree -7+ years of relevant experience without a degree

Certification/Licensure
  • CISA, CRISC, CISM, CISSP, or other relevant certifications are preferred

Experience
  • 5+ years of relevant experience with a degree
  • Strong understanding of Third-Party Risk Management (TPRM) principles, concepts, and best practices.
  • Experience in conducting vendor risk assessments and evaluating internal controls, potentially leveraging frameworks like ISO 27001/2, NIST 800-53, NIST CSF, SOC1/SOC2, CSA CCM, and Shared Assessments SIG.
  • Working knowledge of contract management principles and practices, including contract negotiation and analysis.
  • Excellent communication skills, both written and verbal, with the ability to effectively articulate security control requirements, assessment results, and risk considerations to diverse audiences.
  • Strong analytical, critical thinking, and problem-solving skills, with the ability to digest and analyze complex information with attention to detail and accuracy.
  • Ability to work collaboratively in a cross-functional environment and build strong relationships with internal and external partners.
  • Proficiency in Microsoft Office Suite (Excel, PowerPoint, Word) and potentially GRC (Governance, Risk, and Compliance) tools like OneTrust (highly desirable), Archer, or ServiceNow

Keywords: TPRM, Third party Risk assessment
Benefits: Caring For Your Family and Your Career
Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to 10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance - 5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down - 10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.
Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
In support of our mission "to improve health every day," this is a tobacco-free environment.
For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.

What Sentara Health employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

Apply