2

Third Party Risk Analyst Remote Jobs in Boston, MA

Analyzing processes, controls, and tools to identify opportunities for ServiceNow configuration and ... Third-Party Risk Management, and ServiceNow AI Control Tower use cases * Supporting functional ...

Analyzing processes, controls, and tools to identify opportunities for ServiceNow configuration and ... Security Operations, Third-Party Risk Management, and ServiceNow AI Control Tower use cases

Serve as liaison between business units, technology teams, and third-party vendors. Track project ... Strong understanding of banking/insurance processes (core banking, payments, risk & compliance ...

... Third-Party Risk Management workstreams in partnership with architects and product owners ... Experience with Performance Analytics, Predictive Intelligence, Now Assist, or generative ...

Strong communication and analytical skills, including the ability to identify and solve ambiguous ... third-party risk management, benchmarking, and cyber insurance. Belonging & Inclusion Bitsight is ...

... third-party cyber risk management programs in an increasingly complex digital environment. Our work has earned consistent recognition from customers and industry analysts alike. WHY BLACK KITE We're ...

... third-party cyber risk management programs in an increasingly complex digital environment. Our work has earned consistent recognition from customers and industry analysts alike. WHY BLACK KITE We're ...

Contract Retirement Plan Analyst (Remote)

Boston, MA · On-site +1

$76K - $94K/yr

... and third-party vendors. Flexibility & Work-Life Integration Our client supports a hybrid work ... and remote flexibility. The firm recognizes the importance of meeting business needs while ...

Market Risk

Boston, MA · On-site +1

$82K - $180K/yr

This self-motivated Market Risk Analyst will use a strong technical and quantitative aptitude ... Hybrid remote telecommuting permitted pursuant to company policy. Minimum requirements: Master ...

next page

Showing results 1-20

Third Party Risk Analyst Remote information

See Boston, MA salary details

$16

$43

$71

How much do third party risk analyst remote jobs pay per hour?

As of Jul 13, 2026, the average hourly pay for third party risk analyst remote in Boston, MA is $43.98, according to ZipRecruiter salary data. Most workers in this role earn between $32.40 and $53.56 per hour, depending on experience, location, and employer.

What does a Third Party Risk Analyst do?

A Third Party Risk Analyst is responsible for assessing and managing the risks associated with an organization’s external vendors or partners. They evaluate third parties to ensure they meet security, compliance, and operational standards. This role often involves conducting risk assessments, monitoring vendor performance, and recommending risk mitigation strategies. Working remotely, these analysts use digital tools to collaborate with internal teams and communicate with vendors.

What are the key skills and qualifications needed to thrive as a Third Party Risk Analyst (Remote), and why are they important?

To thrive as a Third Party Risk Analyst (Remote), you need a solid understanding of risk management frameworks, vendor due diligence, and compliance regulations, typically supported by a bachelor's degree in a related field. Familiarity with risk assessment tools, GRC (governance, risk, and compliance) platforms, and certifications such as CTPRA or CISA are often required. Strong analytical thinking, attention to detail, and effective communication are essential soft skills for evaluating and managing third-party risks collaboratively. These skills ensure organizations can identify, assess, and mitigate risks posed by external partners, maintaining regulatory compliance and protecting business interests.

How does a Third Party Risk Analyst collaborate with other departments in a remote work setting?

As a remote Third Party Risk Analyst, collaboration with departments such as procurement, legal, IT security, and compliance is typically achieved through regular virtual meetings and shared documentation platforms. You’ll often coordinate with these teams to assess vendor risks, review contracts, and ensure compliance with company policies. Clear communication and proactive follow-ups are key, as you may be managing multiple projects and stakeholders simultaneously. Building strong remote relationships helps streamline risk assessment processes and ensures effective risk mitigation strategies.

What is the difference between Third Party Risk Analyst Remote vs Vendor Risk Analyst?

AspectThird Party Risk Analyst RemoteVendor Risk Analyst
CredentialsCertifications like CRISC, CISA often preferredSimilar certifications, often including CRISC, CISA
Work EnvironmentRemote, primarily online collaborationRemote or on-site, depending on company policy
Industry UsageFinancial, healthcare, technology sectorsFinancial, retail, manufacturing sectors
Job FocusAssessing third-party risks and complianceEvaluating vendor security and operational risks

The main difference is that a Third Party Risk Analyst Remote focuses on assessing risks posed by third-party entities across various industries, often working remotely. A Vendor Risk Analyst typically concentrates on evaluating specific vendors' security and operational risks, which may involve more direct vendor interactions. Both roles require similar certifications and work environments, but their scope and focus differ slightly.

What are the most commonly searched types of Third Party Risk Analyst jobs in Boston, MA? The most popular types of Third Party Risk Analyst jobs in Boston, MA are:
What are popular job titles related to Third Party Risk Analyst Remote jobs in Boston, MA? For Third Party Risk Analyst Remote jobs in Boston, MA, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Analyst Remote jobs in Boston, MA look for? The top searched job categories for Third Party Risk Analyst Remote jobs in Boston, MA are:
Infographic showing various Third Party Risk Analyst Remote job openings in Boston, MA as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 82% Full Time, 11% Part Time, 1% Temporary, and 4% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $91,485 per year, or $44 per hour.
Senior Third Party Risk & Controls Specialist

Senior Third Party Risk & Controls Specialist

HubSpot

Cambridge, MA • Remote

Other

Posted 6 days ago


Job description

HubSpot is seeking a Senior Third Party Risk & Integration Security Engineer to join our expanding IAM, Third Party Risk Management, and Enterprise Application Management team. This role is based on the idea of "external party security" and combines technical security assessment expertise in vendor risk management, focusing on evaluating third-party applications, emerging AI technologies, and integration security. The ideal candidate will conduct technical assessments of vendor security controls while also supporting broader software management and identity and access management initiatives across the organization.
This role is remote; candidates must be based in the Eastern Time Zone (ET).

What you'll do

Third-Party Risk Assessment (Primary Focus - 60%)

  • Conduct technical security assessments of third-party applications, vendors, and service providers beyond traditional questionnaire-based reviews
  • Evaluate API security, authentication mechanisms, data flows, and integration architectures for vendor solutions
  • Assess generative AI vulnerabilities in third-party applications, including model security, data privacy, and information disclosure risks
  • Perform security reviews of Model Context Protocol (MCP) servers and implementations
  • Review vendor security documentation, architecture diagrams, and technical controls
  • Identify security gaps and provide risk-based recommendations and guardrails to stakeholders
  • Collaborate with procurement, legal, and business teams on vendor onboarding and ongoing monitoring requirements.
IAM & Enterprise Application Management (40%)
  • Support Shadow IT discovery and risk assessment initiatives using enterprise tooling
  • Evaluate security risks associated with unsanctioned applications and browser extensions
  • Assist with managing and reducing risk relating to non-human identity (NHI) including service accounts and API keys.
  • Assess access control implementations across enterprise applications and also members of HubSpot's global contractor base.
  • Review OAuth grants, SAML configurations, and application integrations for security risks
  • Support identity governance initiatives and access certification processes
  • Collaborate and support the enterprise application management team on shared security initiatives

What we're looking for 

  • 5+ years of experience in application security, vendor risk management, cloud security, and/or related field
  • Experience with security frameworks (NIST CSF, ISO 27001, SOC 2, etc.)
  • Strong understanding of API security (REST, GraphQL, authentication/authorization)
  • Strong understanding of IAM principles (RBAC, ABAC, least privilege) and modern authentication protocols (OAuth 2.0, SAML)
  • Experience with non-human identity management (service accounts, API tokens, certificates)
  • Understanding of SaaS architectures, access controls, and integration security
  • Excellent prioritization, organization, and time management skills to suit a high-volume environment.
  • Understanding of LLM and generative AI security challenges and the emerging threat landscape.
  • Strong project management and communication skills to support a highly cross-functional work environment.
  • Working knowledge of privacy and compliance standards (GDPR, CCPA, HIPAA)
  • Background in technical due diligence or managing large-scale supplier security programs (preferred)
  • Certifications such as CISSP, CCSP, CISM, or CRISC are a plus