Vendor Risk Analyst Jobs in Reston, VA (NOW HIRING)

The Telecommunications Risk Analyst will coordinate with internal DoD stakeholders and DOJ/DHS counterparts to conduct timely technical reviews and develop risk-based analyses in support of DoD CIO's ...

We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote cyber risk assessments, developing mitigation strategies, and enabling proactive enterprise risk ...

Vendor Risk Analyst information

How much do vendor risk analyst jobs pay per hour?

As of Jun 19, 2026, the average hourly pay for vendor risk analyst in Reston, VA is $42.12, according to ZipRecruiter salary data. Most workers in this role earn between $31.01 and $51.25 per hour, depending on experience, location, and employer.

Is risk analyst a good career?

A risk analyst, including vendor risk analysts, plays a key role in identifying and mitigating potential threats to an organization, often requiring skills in data analysis, risk assessment, and familiarity with compliance standards. The profession offers steady demand, competitive salaries, and opportunities for advancement, especially with relevant certifications like CRCM or CRISC. It can be a rewarding career for those interested in security, compliance, and strategic decision-making.

How much do risk analysts make in the US?

Risk analysts in the US typically earn a median annual salary of around $70,000 to $90,000, depending on experience, industry, and location. Senior risk analysts or those with specialized skills and certifications can earn higher salaries, often exceeding $100,000 annually.

What is a vendor risk analyst?

A vendor risk analyst is a professional responsible for assessing and managing risks associated with third-party vendors and suppliers. They evaluate vendor security, compliance, and operational risks, often using risk management tools and frameworks to ensure organizational safety and regulatory adherence.

How does a Vendor Risk Analyst typically collaborate with other departments within an organization?

Vendor Risk Analysts work closely with various departments such as procurement, legal, IT security, and compliance to assess and manage risks associated with third-party vendors. They facilitate communication between teams to ensure vendor contracts meet security and regulatory requirements. Regularly, they coordinate risk assessments, share findings, and help develop mitigation strategies, ensuring that vendor relationships support the organization's risk tolerance and business goals.

What are the key skills and qualifications needed to thrive as a Vendor Risk Analyst, and why are they important?

To thrive as a Vendor Risk Analyst, you need strong analytical skills, knowledge of risk management frameworks, and a relevant degree in business, finance, or a related field. Familiarity with third-party risk management platforms, regulatory compliance tools, and certifications like Certified Third Party Risk Professional (CTPRP) are often required. Excellent communication, attention to detail, and problem-solving abilities help you effectively assess vendor risks and collaborate with cross-functional teams. These competencies ensure your organization can identify, mitigate, and manage risks associated with external vendors, protecting both operational integrity and regulatory compliance.

What does a vendor analyst do?

A vendor risk analyst evaluates third-party vendors to ensure they meet security, compliance, and performance standards. They review contracts, conduct risk assessments, and monitor vendor activities using tools like risk management software to mitigate potential threats to the organization.
Governance, Risk, and Compliance (GRC) Analyst

EdgeConneX

Herndon, VA • On-site

Other

Posted 25 days ago


Job description

We are seeking a highly motivated and experienced Governance, Risk, and Compliance (GRC) Analyst to join our team. The ideal candidate will have at least five years of experience in GRC or IT risk, a bachelor's degree or higher in a related field, and professional certifications in GRC or cybersecurity. As a GRC Analyst, you will play a pivotal role in ensuring our organization adheres to regulatory requirements, manages risks effectively, and maintains robust governance practices for industry standards, frameworks and international data protection law.

Responsibilities:

  • Develop, implement, and maintain governance, risk, and compliance frameworks, policies, standards and procedures.
  • Conduct risk assessments and analyze potential threats to the organization's information systems and business operations.
  • Monitor compliance with internal policies and external regulatory requirements (e.g., NIS2, DORA, ISO27001, AICPA Trust Principles, NIST, CIS, GDPR, SOX, HIPAA).
  • Track changes to regional data protection law in the regions where EdgeConneX operates (APAC, EU, North America and South America)
  • Collaborate with cross-functional teams to identify, assess, and mitigate risks across the organization.
  • Maintain risk registers, compliance metrics, and reporting dashboards
  • Support third-party risk management and vendor security assessments
  • Prepare and present regular reports on risk management activities, compliance status, and remediation efforts to management.
  • Support internal and external audits, including gathering documentation and facilitating audit processes.
  • Stay up to date with changes in relevant laws, regulations, and industry best practices.
  • Assist in the development and delivery of training programs related to governance, risk, and compliance topics.
  • Contribute to continuous improvement of GRC processes and tooling

Required education & experience:

  • Bachelor's degree or higher in Information Security, Computer Science, Business Administration, or a related field.
  • Minimum of 5 years of professional experience in governance, risk, and compliance or a related discipline.
  • Professional certifications such as CISA, CRISC, CISSP, CISM, ISO27001LA or similar are required.
  • Strong understanding of regulatory requirements and frameworks (e.g., ISO 27001, NIST, PCI DSS).
  • Risk assessment methodologies and control testing
  • Excellent analytical and problem-solving skills.
  • Strong communication and interpersonal skills, with the ability to work collaboratively across departments.
  • Experience with:
    • Policy development and lifecycle management
    • Third-party/vendor risk assessments
    • GRC tools and risk management platforms (e.g., DRATA, VANTA, Archer, OneTrust)
  • Detail-oriented and highly organized, with a proactive approach to identifying and managing risks.

Preferred experience:

  • Experience with GRC software platforms and tools.
  • Project management experience or certification.
  • Experience in a regulated industry (e.g., datacenter, finance, technology).
  • Ability to train and mentor junior staff.