Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization ... Vendor Risk Assessment (VRA): * Conduct thorough risk assessments for potential and existing ...
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization ... Vendor Risk Assessment (VRA): * Conduct thorough risk assessments for potential and existing ...
Third-Party Risk Manager
Phoenix, AZ · On-site
Collect third-party documents in support of required due diligence or risk and control assessments. * Perform general due diligence activities like OFAC, financial health, prohibited entity checks ...
Third-Party Risk Manager
Phoenix, AZ · On-site
Collect third-party documents in support of required due diligence or risk and control assessments. * Perform general due diligence activities like OFAC, financial health, prohibited entity checks ...
Risk Assessment & Due Diligence: Lead security risk assessments of third-party vendors and partners across the full vendor lifecycle, from onboarding through offboarding, identifying and prioritizing ...
Risk Assessment & Due Diligence: Lead security risk assessments of third-party vendors and partners across the full vendor lifecycle, from onboarding through offboarding, identifying and prioritizing ...
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization ... Vendor Risk Assessment (VRA): * Conduct thorough risk assessments for potential and existing ...
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization ... Vendor Risk Assessment (VRA): * Conduct thorough risk assessments for potential and existing ...
Risk Assessment & Due Diligence: Lead security risk assessments of third-party vendors and partners across the full vendor lifecycle, from onboarding through offboarding, identifying and prioritizing ...
Risk Assessment & Due Diligence: Lead security risk assessments of third-party vendors and partners across the full vendor lifecycle, from onboarding through offboarding, identifying and prioritizing ...
Third Party Risk Manager, AVP
Tempe, AZ · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Third Party Risk Manager, AVP
Tempe, AZ · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Third-Party Risk Management Analyst
Bethesda, MD · Hybrid
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Third-Party Risk Management Analyst
Bethesda, MD · Hybrid
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Third-Party Risk Management Analyst
Bethesda, MD · On-site
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Third-Party Risk Management Analyst
Bethesda, MD · On-site
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
Third Party Risk Manager, AVP
Tempe, AZ · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Third Party Risk Manager, AVP
Tempe, AZ · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Lead assessment of emerging third party risks and technologies, including AI, and integrate ... Risk Governance, Reporting & Regulatory Readiness: * Design and deliver executive and board-level ...
Lead assessment of emerging third party risks and technologies, including AI, and integrate ... Risk Governance, Reporting & Regulatory Readiness: * Design and deliver executive and board-level ...
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
Third-Party Risk Management Analyst
Bethesda, MD · Hybrid
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Third-Party Risk Management Analyst
Bethesda, MD · Hybrid
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Third-Party Risk Management Analyst
Bethesda, MD · Hybrid
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Third-Party Risk Management Analyst
Bethesda, MD · Hybrid
$80.83K - $129.32K/yr
Collaborate with cross-functional teams to assess and monitor risk on an ongoing basis ... Experience with third-party risk management frameworks and methodologies, including alignment with ...
Serve as the firm'ssubject matter experton third-party risk management. * Contribute to the ... Lead assessment of emergingthird partyrisks and technologies, including AI, andintegratefindings ...
Serve as the firm'ssubject matter experton third-party risk management. * Contribute to the ... Lead assessment of emergingthird partyrisks and technologies, including AI, andintegratefindings ...
Third Party Risk Manager, AVP
Tampa, FL · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Third Party Risk Manager, AVP
Tampa, FL · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Third Party Risk Manager, AVP
Tampa, FL · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Third Party Risk Manager, AVP
Tampa, FL · Hybrid
$91K - $107K/yr
Responsible for providing support for risk assessments for engagements under the Third-Party Portfolio. * Responsible for information sharing about the Third Party to other TPMs and SRs, as necessary.
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
Conducting Third Party Risk Assessments by evaluating third party questionnaire responses, performing control validation, and assessment of documentation per established procedures and standards
The Third Party Risk Management (TPRM) Capability Lead is a senior individual contributor ... Partner with the 1st line of defense to identify control gaps, assess residual risk, and ensure ...
New
The Third Party Risk Management (TPRM) Capability Lead is a senior individual contributor ... Partner with the 1st line of defense to identify control gaps, assess residual risk, and ensure ...
New
Third Party Risk Assessor information
See salary details
$23.10 is the 25th percentile. Wages below this are outliers.
$19.95 - $24.28
34% of jobs
The median wage is $26.98 / hr.
$24.28 - $28.61
25% of jobs
$28.61 - $32.93
0% of jobs
$32.93 - $37.26
0% of jobs
$37.26 - $41.59
6% of jobs
$41.59 - $45.91
2% of jobs
$45.91 - $50.24
5% of jobs
$51.68 is the 75th percentile. Wages above this are outliers.
$50.24 - $54.57
6% of jobs
$54.57 - $58.89
8% of jobs
$58.89 - $63.22
10% of jobs
$63.22 - $67.55
2% of jobs
$19
$38
$67
How much do third party risk assessor jobs pay per hour?
As of May 29, 2026, the average hourly pay for third party risk assessor in the United States is $38.68, according to ZipRecruiter salary data. Most workers in this role earn between $23.80 and $54.33 per hour, depending on experience, location, and employer.
What are the key skills and qualifications needed to thrive as a Third Party Risk Assessor, and why are they important?
To thrive as a Third Party Risk Assessor, you need a solid understanding of risk management frameworks, vendor assessment procedures, and regulatory compliance, often supported by a degree in information security, business, or a related field. Familiarity with GRC (Governance, Risk, and Compliance) platforms, risk assessment tools, and industry certifications such as CISA or CRISC is typically required. Strong analytical thinking, attention to detail, and the ability to communicate findings clearly with stakeholders are crucial soft skills. These competencies ensure thorough evaluation of third-party vendors, effective risk mitigation, and compliance with organizational and regulatory standards.
What are some common challenges faced by Third Party Risk Assessors when evaluating vendors, and how can they be addressed?
Third Party Risk Assessors often encounter challenges such as incomplete vendor documentation, inconsistent risk assessment methodologies across departments, and rapidly changing regulatory requirements. To overcome these, assessors should establish clear communication channels with vendors, utilize standardized assessment frameworks, and stay updated on relevant compliance standards. Collaborating closely with internal stakeholders and leveraging automated risk management tools can also help streamline the evaluation process and ensure thorough risk mitigation.
What are Third Party Risk Assessors?
Third Party Risk Assessors are professionals responsible for evaluating the risks associated with an organization’s vendors, suppliers, and other external partners. They assess potential threats such as cybersecurity vulnerabilities, compliance issues, financial instability, and operational risks that could impact the business through its third-party relationships. Their work helps ensure that organizations are protected from potential disruptions or breaches originating outside their direct control. By conducting thorough risk assessments, they support informed decision-making and help maintain regulatory compliance.
What is the difference between Third Party Risk Assessor vs Vendor Risk Analyst?
| Aspect | Third Party Risk Assessor | Vendor Risk Analyst |
|---|---|---|
| Certifications | ISO 27001, CRISC, CISA | ISO 27001, CRISC, CISA |
| Work Environment | Risk management teams, compliance departments | Procurement, compliance, and risk teams |
| Industry Usage | Financial, healthcare, technology | Financial, healthcare, technology |
The Third Party Risk Assessor and Vendor Risk Analyst roles often share similar certifications and work environments, focusing on evaluating third-party vendors' risks. While the Risk Assessor primarily conducts risk assessments and compliance reviews, the Vendor Risk Analyst may focus more on vendor performance and procurement processes. Both roles are essential in managing third-party relationships and ensuring organizational security and compliance.
More about Third Party Risk Assessor jobs
What states have the most Third Party Risk Assessor jobs? States with the most job openings for Third Party Risk Assessor jobs include:
What job categories do people searching Third Party Risk Assessor jobs look for? The top searched job categories for Third Party Risk Assessor jobs are:
Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 6 days ago
Sentara Health rating
6.8
Based on 379 frontline employees who took The Breakroom Quiz
489th of 864 rated healthcare providers
Job description
City/State
Norfolk, VA
Work Shift
First (Days)
Overview:
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization effectively manages risks associated with third-party vendors and partners throughout the entire third-party lifecycle, including vendor selection, contract negotiation, ongoing monitoring, and termination. This involves not only identifying and evaluating risks but also collaborating with various teams, particularly Legal and Procurement, to embed risk mitigation strategies into contractual agreements.
Key responsibilities
Education
Certification/Licensure
Experience
Keywords: TPRM, Third party Risk assessment
Benefits: Caring For Your Family and Your Career
• Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to 10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance - 5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down - 10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.
Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
In support of our mission "to improve health every day," this is a tobacco-free environment.
For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.
Norfolk, VA
Work Shift
First (Days)
Overview:
Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization effectively manages risks associated with third-party vendors and partners throughout the entire third-party lifecycle, including vendor selection, contract negotiation, ongoing monitoring, and termination. This involves not only identifying and evaluating risks but also collaborating with various teams, particularly Legal and Procurement, to embed risk mitigation strategies into contractual agreements.
Key responsibilities
- Vendor Risk Assessment (VRA):
- Conduct thorough risk assessments for potential and existing vendors, focusing on various risk types, including cybersecurity, operational, financial, and compliance risks.
- Utilize and potentially create vendor risk assessment questionnaires to gather detailed information about vendor practices, including data security policies, internal controls, compliance posture, and business continuity plans.
- Analyze questionnaire responses and other relevant information to identify deficiencies, areas for remediation, and categorize vendors based on risk levels.
- Engage with stakeholders to communicate assessment results, address security concerns, and collaborate on potential remediation actions.
- Perform periodic reviews and reassessments of existing vendors to ensure ongoing compliance and address evolving risks.
- Contract Negotiation:
- Partner with Legal and Procurement teams during contract negotiations to ensure security, privacy, and other relevant risk clauses are adequately addressed.
- Provide expert guidance on acceptable and unacceptable contract terms related to risk management, service level agreements (SLAs), and data protection.
- Work to define and include clear performance standards, due diligence requirements, and exit strategies within contracts.
- TPRM program development and maintenance:
- Support the development, maintenance, and enhancement of the organization's Third-Party Risk Management program and framework.
- Develop and update TPRM procedures to ensure alignment with organizational policies and regulatory requirements.
- Identify and implement process efficiencies within the TPRM program and perform analyses on team metrics to enhance effectiveness.
- Stakeholder collaboration and communication:
- Build and maintain strong relationships with internal stakeholders across departments such as Legal, Procurement, Information Security, and Business Units.
- Provide TPRM guidance and training to Vendor Relationship Owners and business partners on risk management practices.
- Communicate identified risks, assessment results, and mitigation strategies to stakeholders, including senior management, clearly and concisely.
- Ongoing monitoring and remediation:
- Track identified risks associated with third parties and ensure timely reviews are performed.
- Monitor key supplier performance against established SLAs and regulatory requirements.
- Track and collaborate with internal partners and vendors to remediate any risk-related issues.
Education
- Bachelor's degree in a relevant field such as Business, Finance, Information Technology, or a related discipline (Preferred)
- Experience in lieu of Bachelor's Degree -7+ years of relevant experience without a degree
Certification/Licensure
- CISA, CRISC, CISM, CISSP, or other relevant certifications are preferred
Experience
- 5+ years of relevant experience with a degree
- Strong understanding of Third-Party Risk Management (TPRM) principles, concepts, and best practices.
- Experience in conducting vendor risk assessments and evaluating internal controls, potentially leveraging frameworks like ISO 27001/2, NIST 800-53, NIST CSF, SOC1/SOC2, CSA CCM, and Shared Assessments SIG.
- Working knowledge of contract management principles and practices, including contract negotiation and analysis.
- Excellent communication skills, both written and verbal, with the ability to effectively articulate security control requirements, assessment results, and risk considerations to diverse audiences.
- Strong analytical, critical thinking, and problem-solving skills, with the ability to digest and analyze complex information with attention to detail and accuracy.
- Ability to work collaboratively in a cross-functional environment and build strong relationships with internal and external partners.
- Proficiency in Microsoft Office Suite (Excel, PowerPoint, Word) and potentially GRC (Governance, Risk, and Compliance) tools like OneTrust (highly desirable), Archer, or ServiceNow
Keywords: TPRM, Third party Risk assessment
Benefits: Caring For Your Family and Your Career
• Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to 10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance - 5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down - 10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.
Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
In support of our mission "to improve health every day," this is a tobacco-free environment.
For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.
What Sentara Health employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Sentara Health
Sourced by ZipRecruiter
Industry
Hospitals
Company size
10,000+ Employees
Headquarters location
Norfolk, VA, US
Year founded
1888