2

Third Party Risk Analyst Remote Jobs in Layton, UT

As a Security Analyst at Lucid Software, you will protect our corporate assets, world-class web ... Conduct third-party vendor risk assessments and internal risk evaluations; identify, document, and ...

As a security analyst at Lucid you will be helping to protect corporate assets, including our world ... from third party vendor assessments, vulnerability scans, and internal risk discussions

Implementing and monitoring technology risk and control frameworks across digital audit and assurance tools, including security, privacy, confidentiality, third-party risk, and financial reporting ...

Application Security Engineer

Salt Lake City, UT · On-site +1

$56.75 - $76/hr

Assess third-party and open-source dependencies for security risks, ensuring that vendor and supply ... Strong background conducting security assessments, risk analyses, and security testing for ...

next page

Showing results 1-20

Third Party Risk Analyst Remote information

See Layton, UT salary details

$13

$36

$59

How much do third party risk analyst remote jobs pay per hour?

As of Jul 19, 2026, the average hourly pay for third party risk analyst remote in Layton, UT is $36.78, according to ZipRecruiter salary data. Most workers in this role earn between $27.07 and $44.76 per hour, depending on experience, location, and employer.

What does a Third Party Risk Analyst do?

A Third Party Risk Analyst is responsible for assessing and managing the risks associated with an organization’s external vendors or partners. They evaluate third parties to ensure they meet security, compliance, and operational standards. This role often involves conducting risk assessments, monitoring vendor performance, and recommending risk mitigation strategies. Working remotely, these analysts use digital tools to collaborate with internal teams and communicate with vendors.

What are the key skills and qualifications needed to thrive as a Third Party Risk Analyst (Remote), and why are they important?

To thrive as a Third Party Risk Analyst (Remote), you need a solid understanding of risk management frameworks, vendor due diligence, and compliance regulations, typically supported by a bachelor's degree in a related field. Familiarity with risk assessment tools, GRC (governance, risk, and compliance) platforms, and certifications such as CTPRA or CISA are often required. Strong analytical thinking, attention to detail, and effective communication are essential soft skills for evaluating and managing third-party risks collaboratively. These skills ensure organizations can identify, assess, and mitigate risks posed by external partners, maintaining regulatory compliance and protecting business interests.

How does a Third Party Risk Analyst collaborate with other departments in a remote work setting?

As a remote Third Party Risk Analyst, collaboration with departments such as procurement, legal, IT security, and compliance is typically achieved through regular virtual meetings and shared documentation platforms. You’ll often coordinate with these teams to assess vendor risks, review contracts, and ensure compliance with company policies. Clear communication and proactive follow-ups are key, as you may be managing multiple projects and stakeholders simultaneously. Building strong remote relationships helps streamline risk assessment processes and ensures effective risk mitigation strategies.

What is the difference between Third Party Risk Analyst Remote vs Vendor Risk Analyst?

AspectThird Party Risk Analyst RemoteVendor Risk Analyst
CredentialsCertifications like CRISC, CISA often preferredSimilar certifications, often including CRISC, CISA
Work EnvironmentRemote, primarily online collaborationRemote or on-site, depending on company policy
Industry UsageFinancial, healthcare, technology sectorsFinancial, retail, manufacturing sectors
Job FocusAssessing third-party risks and complianceEvaluating vendor security and operational risks

The main difference is that a Third Party Risk Analyst Remote focuses on assessing risks posed by third-party entities across various industries, often working remotely. A Vendor Risk Analyst typically concentrates on evaluating specific vendors' security and operational risks, which may involve more direct vendor interactions. Both roles require similar certifications and work environments, but their scope and focus differ slightly.

Security Analyst III

Security Analyst III

Lucid Software

Salt Lake City, UT • On-site, Remote

Other

Posted 3 days ago

New


Job description

Lucid Software is the leader in visual collaboration and work acceleration, helping teams see and build the future by turning ideas into reality. Our products, business, and workplace culture have received numerous awards, such as being named to the Forbes Cloud 100 and a Fortune Best Workplace in Technology. Lucid is a hybrid workplace, allowing employees to work remotely, from one of our offices, or a combination of the two depending on the needs of the role and team. At Lucid, we hold true to our core values of teamwork over ego, innovation in everything we do, individual empowerment, initiative, and ownership, and passion and excellence in every area. We value diverse perspectives and are dedicated to creating an environment that is respectful and inclusive for everyone.

As a Security Analyst at Lucid Software, you will protect our corporate assets, world-class web applications, and employees. You will focus on the execution of day-to-day GRC (Governance, Risk, and Compliance) operations, third-party risk assessments, and championing customer trust. Lucid Software's security team fosters an environment where business and development can quickly adapt and innovate. We stay abreast of evolving security, legal, and business requirements through a risk and compliance mindset. Our mission is to protect and support the objectives of the business.

Responsibilities:

  • Conduct third-party vendor risk assessments and internal risk evaluations; identify, document, and report on potential vulnerabilities and control gaps.
  • Respond directly to standard vendor security questionnaires and support internal teams (i.e. Sales, Customer Success, etc.) in answering security-related questions from prospects.
  • Track and collect evidence for ongoing SOC 2 and ISO 27001 compliance audits.
  • Proactively identify emerging threats and associated risks to existing business processes and corporate assets, and collaborate with senior team members to develop practical security solutions.
  • Coordinate and deliver security awareness training programs to employees to foster a strong security culture. 
  • Assure compliance to outside regulations affecting the Company
  • Collect and maintain impactful security and compliance metrics for team dashboards.
  • Partner with Legal, Engineering, IT, Finance, and HR to ensure corporate security policies are understood and followed.
  • Identify operational inefficiencies and areas for improvement in our existing security controls, and help design smoother workflows.

Requirements:

  • Bachelor's degree in information security assurance, business management, or a related field
  • 3+ years of experience with third party risk management, GRC, customer due diligence, etc.
  • Understanding of common security frameworks and principles (e.g. NIST 800-53, ISO 27001, SOC 2, etc). Strong organizational skills with the ability to manage tasks independently and meet deadlines with minimal oversight on daily routines.
  • Excellent verbal and written skills; comfortable translating security concepts into clear documentation.
  • Strong interpersonal skills with a track record of building positive relationships across non-technical teams (like Legal, HR, Finance) and technical teams (like IT and Engineering) to resolve security risks collaboratively.

Preferred Qualifications:

  • Prior experience working within a modern SaaS environment or cloud-first technology company, with a basic familiarity of how cloud applications operate.
  • Prior knowledge of and skill in applying risk management principles and practices
  • One or more preferred Certification(s): CRISC, CISSP, CISA, SSCP, CC, Security+, CySA+, etc.
  • Strong understanding of cloud environments (AWS, GCP, or Azure).
  • Experience with process improvement, efficiency enhancements, and automation of GRC and Security Assurance functions. Ability to use AI tools to enhance and enable work flows and automation.

#LI_DA1