2

Third Party Risk Analyst Remote Jobs in Virginia

FTE + Benefits Remote: 80% (4 days a week) Supports the FedRAMP and FISMA authorization(s) of new ... 3rd Party Applications into various cloud environments. This effort requires security testing ...

FTE + Benefits Remote: 80% (4 days a week) Client supports the FedRAMP and FISMA authorization(s ... 3rd Party Applications into various cloud environments. This effort requires security testing ...

AVP, AI Risk and Governance

Arlington, VA · On-site +1

$117K - $195K/yr

With a strong analytical background, the AVP will collaborate with technology stakeholders to support a robust risk culture. The ideal candidate has a strong background in enterprise, technology and ...

Compliance Analyst RMG

Newport, VA · Remote

$57K - $78K/yr

Overview Primary responsibility is to independently perform clinical chart reviews, risk adjustment ... Demonstrates expertise and ensures that all Third Party Payor reviews are completed timely with all ...

... to employers insurers and third-party administrators * Manage an assigned caseload while ... risk assessments Qualifications * JD from an ABA-approved law school with an active Virginia ...

... to employers insurers and third-party administrators * Manage an assigned caseload while ... risk assessments Qualifications * JD from an ABA-approved law school with an active Virginia ...

next page

Showing results 1-20

Third Party Risk Analyst Remote information

What does a Third Party Risk Analyst do?

A Third Party Risk Analyst is responsible for assessing and managing the risks associated with an organization’s external vendors or partners. They evaluate third parties to ensure they meet security, compliance, and operational standards. This role often involves conducting risk assessments, monitoring vendor performance, and recommending risk mitigation strategies. Working remotely, these analysts use digital tools to collaborate with internal teams and communicate with vendors.

What are the key skills and qualifications needed to thrive as a Third Party Risk Analyst (Remote), and why are they important?

To thrive as a Third Party Risk Analyst (Remote), you need a solid understanding of risk management frameworks, vendor due diligence, and compliance regulations, typically supported by a bachelor's degree in a related field. Familiarity with risk assessment tools, GRC (governance, risk, and compliance) platforms, and certifications such as CTPRA or CISA are often required. Strong analytical thinking, attention to detail, and effective communication are essential soft skills for evaluating and managing third-party risks collaboratively. These skills ensure organizations can identify, assess, and mitigate risks posed by external partners, maintaining regulatory compliance and protecting business interests.

How does a Third Party Risk Analyst collaborate with other departments in a remote work setting?

As a remote Third Party Risk Analyst, collaboration with departments such as procurement, legal, IT security, and compliance is typically achieved through regular virtual meetings and shared documentation platforms. You’ll often coordinate with these teams to assess vendor risks, review contracts, and ensure compliance with company policies. Clear communication and proactive follow-ups are key, as you may be managing multiple projects and stakeholders simultaneously. Building strong remote relationships helps streamline risk assessment processes and ensures effective risk mitigation strategies.

What is the difference between Third Party Risk Analyst Remote vs Vendor Risk Analyst?

AspectThird Party Risk Analyst RemoteVendor Risk Analyst
CredentialsCertifications like CRISC, CISA often preferredSimilar certifications, often including CRISC, CISA
Work EnvironmentRemote, primarily online collaborationRemote or on-site, depending on company policy
Industry UsageFinancial, healthcare, technology sectorsFinancial, retail, manufacturing sectors
Job FocusAssessing third-party risks and complianceEvaluating vendor security and operational risks

The main difference is that a Third Party Risk Analyst Remote focuses on assessing risks posed by third-party entities across various industries, often working remotely. A Vendor Risk Analyst typically concentrates on evaluating specific vendors' security and operational risks, which may involve more direct vendor interactions. Both roles require similar certifications and work environments, but their scope and focus differ slightly.

What are the most commonly searched types of Third Party Risk Analyst jobs in Virginia? The most popular types of Third Party Risk Analyst jobs in Virginia are:
What are popular job titles related to Third Party Risk Analyst Remote jobs in Virginia? For Third Party Risk Analyst Remote jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Analyst Remote jobs in Virginia look for? The top searched job categories for Third Party Risk Analyst Remote jobs in Virginia are:
What cities in Virginia are hiring for Third Party Risk Analyst Remote jobs? Cities in Virginia with the most Third Party Risk Analyst Remote job openings:
Infographic showing various Third Party Risk Analyst Remote job openings in Virginia as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution.
Cybersecurity Systems Analyst

Cybersecurity Systems Analyst

FSR, LLC.

Herndon, VA • On-site, Remote

Full-time

Posted 9 days ago


Job description

Company Description
Entrusted by companies with challenging Cybersecurity and IT data management recruiting needs, Flex Staffing Resources identifies exceptional talent and cutting edge companies and brings them together.
Job Description
Location of Services: Herndon, VA 20171 (1 day a week)
Employment Type: FTE + Benefits
Remote: 80% (4 days a week)
Supports the FedRAMP and FISMA authorization(s) of new Cloud Products and 3rd Party Applications into various cloud environments. This effort requires security testing/assessment support, the knowledge/development of the appropriate security documentation (i.e., System Security Plan (SSP), plans and procedures), and ongoing continuous monitoring activities. This position is majority remote (post-pandemic).
This role serves as a "hands-on" senior-level technical security analyst responsible for interfacing with operations and security engineering teams on security issues and information gathering and documenting their implementation in the SSP.
Additionally, this role will assist with the security assessments and continuous monitoring of evidence for any of the clients environments (corporate, commercial regulated, FedRAMP, DOD and International).
GENERAL RESPONSIBILITIES:
  • Configuration, Execution and Analysis of vulnerability scans
  • Ability to interpret and assess network diagrams and drawings using Visio.
  • Identify and assess Cloud System state, including vulnerabilities, RMF package status/accreditation model, PPS compliance, patching, and Cybersecurity Vulnerability Assessments (CSVA) mechanisms.
  • Demonstrate familiarity with current FedRAMP, DOD and NIST Security controls and technologies, including vulnerability management capabilities.
  • Understand enterprise operating environments, including security posture, application environment, and associated security controls.
  • Understand/document information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
  • Gather information, architecture diagrams and implementation of the security controls through interfacing with the security engineering, and operations and build teams.
  • Develop security documentation input of technical control implementation
  • Understand the intent of the FedRAMP moderate security controls, FISMA security controls and communicate as needed
  • Assist with the FedRAMP or FISMA authorization to include, but not limited to, prep of security engineering, build and operations teams through training and mock interviews, update implementation language in the security documentation and develop processes as required, and support FedRAMP PMO/ Agency / CISO requests
  • Ability to respond effectively to customer's concerns regarding ConMon activities

Qualifications
  • Bachelor's Degree in Computer Science / MIS / Information Technology, or equivalent experience in Information Security, Information Technology, or related technical discipline
  • Minimum 5 years Information Technology experience
  • Experience with Cloud technologies, especially AWS and Azure, desirable
  • Experience with FedRAMP and/or other authorization processes and NIST risk management framework
  • Execution and Analysis of vulnerability scans; such as but not limited to: Nessus/Security Center, WebInspect, etc.
  • Familiarity with Splunk to execute queries, search/review data for impact.
  • Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems, desirable
  • Flexible, self-motivated, and able to work independently in a fast paced environment
  • Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
  • Skill in preparing and making written and oral presentations of complex technical nature.
  • Demonstrated ability to coordinate multiple tasks
  • U.S. Citizenship

Additional Information
Qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, sexual orientation, gender identity, disability or protected veteran status.