1

Vendor Risk Analyst Jobs in Ohio (NOW HIRING)

next page

Showing results 1-20

Vendor Risk Analyst information

See Ohio salary details

$14

$38

$62

How much do vendor risk analyst jobs pay per hour?

As of Jul 4, 2026, the average hourly pay for vendor risk analyst in Ohio is $38.49, according to ZipRecruiter salary data. Most workers in this role earn between $28.32 and $46.83 per hour, depending on experience, location, and employer.

Do risk analysts make a lot of money?

Risk analysts, including vendor risk analysts, typically earn a competitive salary that varies by experience, industry, and location. Entry-level positions may start around $50,000 annually, while experienced professionals can earn over $100,000, especially with certifications like CRCM or CISA. The role often requires strong analytical skills and knowledge of risk management tools.

What is an example of a vendor risk?

A vendor risk for a Vendor Risk Analyst involves the potential for a third-party supplier or service provider to cause harm to the organization, such as data breaches, non-compliance with regulations, or operational disruptions. Assessing these risks requires evaluating the vendor's security controls, financial stability, and compliance history to mitigate potential impacts on the organization.

Is risk analyst an entry level job?

A risk analyst role can be entry-level or require more experience depending on the organization. Entry-level risk analyst positions typically require a bachelor's degree in finance, economics, or a related field, and may involve basic data analysis skills and familiarity with risk management tools. Advancing in this field often involves gaining certifications like FRM or CRM and developing stronger analytical and industry-specific knowledge.

What is a Vendor Risk Analyst?

A Vendor Risk Analyst is a professional responsible for assessing and managing risks associated with third-party vendors that provide products or services to an organization. They evaluate vendor practices, security protocols, and compliance with regulations to minimize potential risks such as data breaches, financial losses, or operational disruptions. Their work helps organizations ensure that vendors meet required standards and do not pose undue risk to business operations. Vendor Risk Analysts often use questionnaires, audits, and ongoing monitoring to perform their assessments.

How does a Vendor Risk Analyst typically collaborate with other departments within an organization?

Vendor Risk Analysts work closely with various departments such as procurement, legal, IT security, and compliance to assess and manage risks associated with third-party vendors. They facilitate communication between teams to ensure vendor contracts meet security and regulatory requirements. Regularly, they coordinate risk assessments, share findings, and help develop mitigation strategies, ensuring that vendor relationships support the organization's risk tolerance and business goals.

What are the key skills and qualifications needed to thrive as a Vendor Risk Analyst, and why are they important?

To thrive as a Vendor Risk Analyst, you need strong analytical skills, knowledge of risk management frameworks, and a relevant degree in business, finance, or a related field. Familiarity with third-party risk management platforms, regulatory compliance tools, and certifications like Certified Third Party Risk Professional (CTPRP) are often required. Excellent communication, attention to detail, and problem-solving abilities help you effectively assess vendor risks and collaborate with cross-functional teams. These competencies ensure your organization can identify, mitigate, and manage risks associated with external vendors, protecting both operational integrity and regulatory compliance.

What does a vendor analyst do?

A vendor risk analyst evaluates third-party vendors to ensure they meet security, compliance, and operational standards. They review contracts, perform risk assessments, and monitor vendor performance using tools like risk management software to mitigate potential threats to the organization.
What are the most commonly searched types of Vendor Risk Analyst jobs in Ohio? The most popular types of Vendor Risk Analyst jobs in Ohio are:
What are popular job titles related to Vendor Risk Analyst jobs in Ohio? For Vendor Risk Analyst jobs in Ohio, the most frequently searched job titles are:
What job categories do people searching Vendor Risk Analyst jobs in Ohio look for? The top searched job categories for Vendor Risk Analyst jobs in Ohio are:
Infographic showing various Vendor Risk Analyst job openings in Ohio as of June 2026, with employment types broken down into 89% Full Time, 9% Part Time, and 2% Contract. Highlights an 89% Physical, 3% Hybrid, and 8% Remote job distribution, with an average salary of $80,058 per year, or $38.5 per hour.
001903 - Information Security Analyst

001903 - Information Security Analyst

Factual Data

Columbus, OH โ€ข On-site

$75K - $100K/yr

Full-time

Medical, Dental, Vision, Life, Retirement

Posted 3 days ago


Job description

Founded in 1948, CBC Companies is a privately-held company headquartered in Columbus, Ohio, with operating entities including: AmRent, Byte Software, Factual Data, DataVerify, DataVerify Flood Services, Ibbie, Innovis, and Select Business Services. CBC's portfolio of companies includes data repositories spanning the mortgage and credit markets in addition to hundreds of proprietary integrations across the broader credit ecosystem.
At CBC we are guided by our mission to serve our customers by providing them with products and services that ultimately empower economic opportunity for Americans. Using innovative technology and driven by integrity and a culture of compliance, CBC Companies delivers high quality products and services to help our customers manage risk.
About the Role:
Information Security Analyst supports enterprise risk management and third-party risk management (TPRM) initiatives by identifying, assessing, and mitigating information security risks across internal systems, business initiatives, third-party vendors, and emerging technologies including artificial intelligence (AI). This role requires strong analytical and communication skills, as well as expertise in security frameworks, regulatory compliance, vendor risk, and evolving technology risk domains. The ideal candidate is proactive, detail-oriented, and capable of translating technical risks into clear business impact and actionable mitigation strategies.
This is a hybrid role based in Columbus, Ohio. Candidates must reside in the Columbus area. In-office attendance will align with the department's schedule, which is determined collaboratively by the team.
What You'll Do:
  • Conduct comprehensive security risk assessments for internal systems, projects, policy exceptions, AI/ML initiatives, and third-party vendors.
  • Evaluate risk levels, document risk findings, and recommend effective remediation and mitigation strategies.
  • Identify security control gaps across traditional and emerging technology environments, including AI systems, automation platforms and data pipelines.
  • Apply established risk management, governance, and compliance processes across business operations and technology initiatives.
  • Support all phases of the vendor risk lifecycle, including due diligence, on boarding, ongoing monitoring, reassessments, and on-site evaluations.
  • Assess vendor use of AI and automation technologies and evaluate regulatory and security risks.
  • Contribute to the enhancement of TPRM frameworks, risk methodologies, assessment workflows, and best practices.
  • Provide risk advisory support to business units regarding security controls, information security policies, standards, and compliance requirements.
  • Assist in the development, implementation, and maintenance of information security policies, standards, and procedures aligned with regulatory and industry frameworks.
  • Communicate risk findings, recommendations, and priorities effectively to leadership, business stakeholders, and third parties
  • Collaborate cross-functionally with Information Security, Legal, Compliance, and business teams to drive risk mitigation strategies and remediation efforts. Perform other duties as assigned.
  • Perform other duties as assigned.

What You'll Need:
  • Associate's degree required.
  • 2+ years of experience in information security, IT risk management, or governance and compliance.
  • Experience conducting security risk assessments and managing vendor risk assessment processes.
  • Working knowledge of industry security frameworks and standards including PCI-DSS, NIST, and SOC.
  • Foundational understanding of AI/ML technologies and associated security, privacy, governance risks.
  • Strong analytical, organizational and problem-solving skills with the ability to manage multiple priorities independently.
  • Excellent verbal and written communication skills with the ability to influence stakeholders and present technical risks in business terms.
  • Experience developing documentation, reports, and using analytical tools.
  • Experience with security control testing, audits, or compliance assessments.
  • Ability to work effectively both independently and collaboratively.
  • Strong attention to detail, time management, and prioritization skills.

What Can Set You Apart:
  • Bachelor's degree in Information Security, Cybersecurity, Information Technology, or a related field
  • Certifications such as CISSP, CISA, CRISC, or similar.

Benefits We Offer:
CBC Companies offers comprehensive healthcare benefits to eligible employees including: medical, HSA, prescription, vision, dental. Our benefits also include life insurance, short & long-term disability, Roth and 401K with possible company match and profit sharing, an Employee Assistance Program (EAP), Time Away from Work (TAFW) and paid holidays - plus employee referral bonuses, and role-based professional development opportunities.
CBC Companies is committed to equal opportunity employment, and employment decisions are based on merit, qualifications, and abilities. Employment-related decisions are not influenced or affected by an employee's race, color, gender, age, religion, national origin, disability, citizenship, military status, sexual orientation, genetic information, or any other category protected by federal, state or local law. The Company endorses a work environment free from discrimination and harassment.
We are committed to providing reasonable accommodations to qualified individuals with disabilities. If you require a reasonable accommodation to complete the application process or perform the essential functions of the position, please let us know.
This posting will remain open until filled.