2

Third Party Risk Analyst Remote Jobs in Virginia

Sr. Analyst - SCRM

VA · On-site +1

$88K - $116K/yr

General information Job Posting Title Sr. Analyst - SCRM Date Thursday, May 28, 2026 City Remote ... management, third-party/vendor risk management (TPRM), federal compliance, or related risk ...

Position Title Chargemaster Analyst - Remote! Summary Join our team in person, hybrid schedule or ... Exhibits confidence, appropriate risk taking and achievement of high standards * Positive, can-do ...

New

Contract Retirement Plan Analyst (Remote)

Reston, VA · On-site +1

$72K - $90K/yr

... and third-party vendors. Flexibility & Work-Life Integration Our client supports a hybrid work ... and remote flexibility. The firm recognizes the importance of meeting business needs while ...

New

FTE + Benefits Remote: 80% (4 days a week) Client supports the FedRAMP and FISMA authorization(s ... 3rd Party Applications into various cloud environments. This effort requires security testing ...

next page

Showing results 1-20

Third Party Risk Analyst Remote information

What does a Third Party Risk Analyst do?

A Third Party Risk Analyst is responsible for assessing and managing the risks associated with an organization’s external vendors or partners. They evaluate third parties to ensure they meet security, compliance, and operational standards. This role often involves conducting risk assessments, monitoring vendor performance, and recommending risk mitigation strategies. Working remotely, these analysts use digital tools to collaborate with internal teams and communicate with vendors.

What are the key skills and qualifications needed to thrive as a Third Party Risk Analyst (Remote), and why are they important?

To thrive as a Third Party Risk Analyst (Remote), you need a solid understanding of risk management frameworks, vendor due diligence, and compliance regulations, typically supported by a bachelor's degree in a related field. Familiarity with risk assessment tools, GRC (governance, risk, and compliance) platforms, and certifications such as CTPRA or CISA are often required. Strong analytical thinking, attention to detail, and effective communication are essential soft skills for evaluating and managing third-party risks collaboratively. These skills ensure organizations can identify, assess, and mitigate risks posed by external partners, maintaining regulatory compliance and protecting business interests.

How does a Third Party Risk Analyst collaborate with other departments in a remote work setting?

As a remote Third Party Risk Analyst, collaboration with departments such as procurement, legal, IT security, and compliance is typically achieved through regular virtual meetings and shared documentation platforms. You’ll often coordinate with these teams to assess vendor risks, review contracts, and ensure compliance with company policies. Clear communication and proactive follow-ups are key, as you may be managing multiple projects and stakeholders simultaneously. Building strong remote relationships helps streamline risk assessment processes and ensures effective risk mitigation strategies.

What is the difference between Third Party Risk Analyst Remote vs Vendor Risk Analyst?

AspectThird Party Risk Analyst RemoteVendor Risk Analyst
CredentialsCertifications like CRISC, CISA often preferredSimilar certifications, often including CRISC, CISA
Work EnvironmentRemote, primarily online collaborationRemote or on-site, depending on company policy
Industry UsageFinancial, healthcare, technology sectorsFinancial, retail, manufacturing sectors
Job FocusAssessing third-party risks and complianceEvaluating vendor security and operational risks

The main difference is that a Third Party Risk Analyst Remote focuses on assessing risks posed by third-party entities across various industries, often working remotely. A Vendor Risk Analyst typically concentrates on evaluating specific vendors' security and operational risks, which may involve more direct vendor interactions. Both roles require similar certifications and work environments, but their scope and focus differ slightly.

What are the most commonly searched types of Third Party Risk Analyst jobs in Virginia? The most popular types of Third Party Risk Analyst jobs in Virginia are:
What are popular job titles related to Third Party Risk Analyst Remote jobs in Virginia? For Third Party Risk Analyst Remote jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Analyst Remote jobs in Virginia look for? The top searched job categories for Third Party Risk Analyst Remote jobs in Virginia are:
What cities in Virginia are hiring for Third Party Risk Analyst Remote jobs? Cities in Virginia with the most Third Party Risk Analyst Remote job openings:
Infographic showing various Third Party Risk Analyst Remote job openings in Virginia as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution.
Manager -Cyber Third Party Risk

Manager -Cyber Third Party Risk

Sentara Healthcare

Norfolk, VA • On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

This job post has expired today. Applications are no longer accepted.


Sentara Health rating

6.9

Company rating: 6.9 out of 10

Based on 391 frontline employees who took The Breakroom Quiz

442nd of 880 rated healthcare providers


Job description

City/State
Norfolk, VA
Work Shift
First (Days)
Overview:
Overview
As a Cyber Third-Party Risk Manager, you will play a critical role developing, enhancing and executing the third-party risk management program including onboarding, maintenance and ongoing monitoring, and offboarding of third-party suppliers. Your primary responsibilities will include identifying and categorizing third party vendors based on risk, understanding and prioritizing the risks, establishing and enforcing key controls to mitigate the risk, perform continuous monitoring that tracks and reassesses third parties, and ensure third party contractual compliance with Sentara policy and standards. You will also be responsible for negotiating and maintaining the information security exhibit with the vendors through the contracting process.
Key Responsibilities
  • Regularly interact with all levels of management to present and discuss third-party risk management
  • Conduct comprehensive risk assessments of third-party vendors based on risk
  • Manage a team of assessors for performing vendor assessments and vendor contracts negotiations
  • Analyze and prioritize risks based on their potential impact on the organization's operations, data, and reputation.
  • Develop and streamline the third-party risk management process.
  • Identify and assess vulnerabilities within vendor systems, networks, and applications.
  • Collaborate with cross-functional teams, including IT, security, and compliance, to develop and implement risk mitigation strategies.
  • Prepare detailed third-party risk assessment reports, including findings, recommendations, and mitigation plans, for presentation to management.
  • Maintain accurate and up-to-date documentation of third-party risk assessment activities, findings, and risk treatment plans.
  • Assist in audits and assessments to demonstrate compliance with cybersecurity standards.

Education:
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (preferred)

(OR)
  • Experience in lieu of Bachelor's Degree- 7+ years of experience in cybersecurity, with at least 3 years in risk management

Certification/Licensure
  • CISSP (Certified Information Systems Security Professional) (Preferred)
  • CISM (Certified Information Security Manager)(Preferred)
  • CRISC (Certified in Risk and Information Systems Control)(Preferred)
  • CISA (Certified Information Systems Auditor)(Preferred)

Experience
  • 5+ years of experience in cybersecurity, with at least 3 years in risk management with a degree (Required)
  • 7+ years of experience in cybersecurity, with at least 3 years in risk management without a degree) (Required)
  • Strong understanding of cybersecurity principles, risk assessment methodologies, and threat landscape analysis.
  • 3 years' experience managing a third-party risk management program and team
  • Proficiency in performing third-party risk assessments and negotiating contractual security language
  • Knowledge of regulatory compliance requirements and industry standards.
  • Excellent analytical and problem-solving skills.
  • Effective communication and interpersonal abilities to collaborate with multidisciplinary teams.
  • Experience in healthcare or other highly regulated industries preferred
  • Deep understanding of cybersecurity frameworks (NIST CSF, NIST 800-53, ISO 27001, HITRUST)
  • Knowledge of healthcare regulations (HIPAA, HITECH) and their technical requirements
  • Familiarity with risk assessment methodologies and tools
  • Understanding of security technologies, controls, and best practices
  • Experience with GRC (Governance, Risk, and Compliance) platforms such as ServiceNOW, OneTrus

Keyword, Cybersecurity Risk, TPRM Talroo - IT
We provide market-competitive compensation packages, inclusive of base pay, incentives, and benefits. The base pay rate for Full Time employment is:116,729.60-216,777.60. Additional compensation may be available for this role such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.
Benefits: Caring For Your Family and Your Career
Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to 10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance - 5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down - 10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.
Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
In support of our mission "to improve health every day," this is a tobacco-free environment.
For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.

What Sentara Health employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom