Support initial due diligence and ongoing risk assessments by collecting, validating, and documenting required artifacts and supporting materials for higher‑risk vendors to facilitate effective ...
Manassas, VA · On-site
... vendors through structured cybersecurity risk assessments to determine cyber clearance eligibility before contract execution or system access. • Serve as the primary SME and platform administrator ...
Centreville, VA · On-site
$155K/yr
Support SOX-related vendor governance controls where applicable. * Partner with Internal Audit on third-party risk assessments. * Support remediation efforts tied to vendor governance findings.
McLean, VA · On-site
$55 - $60/hr
... assessment. * Recommend enhancements to the business/technology processes and controls to improve effectiveness of technology & vendor risk management capabilities * Perform risk tracking, trending ...
Arlington, VA · On-site
$90/hr
Serve as the senior technical advisor for collaboration platforms and cross-enterprise solutions that support vendor risk assessment and cyber supply chain mission outcomes. * Lead modernization and ...
Falls Church, VA · On-site
$180K - $210K/yr
Supply Chain Risk Management (SCRM) Lead Falls Church, Virginia Full-time Important Notice: This ... This role coordinates vendor security assessments, establishes SCRM policies, and interfaces with ...
Establish and maintain a new vendor, ongoing vendor, contract/agreement renewal changes and termination processes within the risk assessment program. Following regulatory guidance, develop and ...
Richmond, VA · On-site
Ability to shape risk strategy across emerging areas such as AI, data governance, and vendor risk ... Coordinate and lead the firm's response for IT assessments and inquiries, prepare agendas and ...
Ashburn, VA · On-site
$90K - $139K/yr
Develop and maintain risk registers, risk heat maps, and third-party/vendor risk assessment programs * Support the integration of GRC tooling (e.g., ServiceNow GRC, Archer, OneTrust, Vanta) to ...
Norfolk, VA · On-site +1
Identify and assess vulnerabilities within vendor systems, networks, and applications ... Prepare detailed third-party risk assessment reports, including findings, recommendations, and ...
Tysons Corner, VA · On-site
Lead ISO/IEC 27001 implementations (ISMS design, risk assessment, controls, internal audits ... vendor risk, cloud controls, incident response, logging/monitoring, data governance, AI governance)
... tracking, and assessment of software and third-party supply chain risk across DoW information ... vendor risk management tools to detect insecure dependencies, exposed libraries, and high-risk ...
Support the identification, assessment, and prioritization of technology risks across the ... vendors and ensure they are successfully processed through the firm's vendor risk process.
Richmond, VA · On-site
In this role, the specialist integrates automated supply chain risk tooling, Software Bill of Materials governance, vendor security assessment programs, and threat intelligence monitoring to reduce ...
| Aspect | Vendor Risk Assessment | Vendor Compliance Analyst |
|---|---|---|
| Primary Focus | Evaluating risks associated with vendors and third-party providers | Ensuring vendors comply with policies, regulations, and contractual obligations |
| Certifications | Certifications like CISSP, CISA, or vendor risk management courses | Certifications such as CCEP, CISA, or compliance-specific credentials |
| Work Environment | Risk management teams, procurement, cybersecurity departments | Compliance teams, legal, procurement, and audit departments |
| Industry Usage | Common in finance, healthcare, and IT sectors | Prevalent in regulated industries like finance, healthcare, and manufacturing |
Vendor Risk Assessment focuses on identifying and mitigating risks posed by vendors, while Vendor Compliance Analysts ensure vendors adhere to policies and regulations. Both roles are essential for managing third-party relationships but differ in their primary objectives and activities.
Full-time
Posted 24 days ago
5.6
Based on 8 frontline employees who took The Breakroom Quiz
136th of 144 rated banks
CLASSIFICATION: Non-exempt
REPORTS TO: Program Manager, Third Party Risk Management
JOB DESCRIPTION
Summary/Objective
Under the direction of the Program Manager, Third Party Risk Management, the Third‑Party Vendor Risk Analyst supports the execution of the Bank’s Third‑Party Risk Management (TPRM) Program by performing day‑to‑day operational, analytical, and facilitation activities. In partnership with the Program Manager, the Analyst helps strengthen and sustain effective vendor review cadence by coordinating stakeholder inputs, producing complete and traceable documentation, and preparing exam‑ready artifacts. This role ensures vendor risk activities—including due diligence, ongoing monitoring, documentation, and issue tracking—are executed in a timely, consistent, and examination‑defensible manner.
Essential Functions
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Other Duties
Support the Program Manager by tracking vendor‑related review milestones (including onboarding, renewals, and amendments). Ensure required vendor review documentation is complete, accurate, and available to support informed contractual decisions prior to execution.
Compile and maintain program metrics, status reports, and supporting materials used to measure and monitor Third‑Party Risk Management (TPRM) program performance. Assist, as directed by the Program Manager, in preparing materials for internal governance forums, audits, and regulatory examinations.
Support internal and external audits and regulatory examinations by organizing vendor files, maintaining evidence mappings, and assembling response documentation under Program Manager guidance. Maintain vendor records in an exam‑ready state to support Program Manager interactions with auditors, regulators, and risk committees.
Skills/Abilities
Supervisory Responsibility
This position does not have supervisory responsibilities.
Work Environment
This job operates in an office setting; the opportunity to telework is not available. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. Job duties are conducted in an office environment via telephone, face-to-face meetings, and on the computer.
Physical Demands
This position requires manual dexterity, the ability to lift files and open cabinets. This position requires bending, stooping, or standing, as necessary.
Travel
Limited local travel may be required for this position.
For Applicants located in Northern Virginia (VA): The anticipated salary range for this position is $25.00-$30.00 per hour.
For Applicants from all other locations: The salary will be based on experience, qualifications, and geographic location.
The ranges listed above for Virginia represent the good-faith compensation the Company reasonably expects to pay for the position at the time of posting. Actual compensation will be determined based on factors including, but not limited to, the candidate's skills, qualifications, experience, education, certifications, internal equity, and business needs. This position may also be eligible for additional compensation, such as bonuses or incentive pay, where applicable.
Education and Experience
Education
Experience
Equal Employment Opportunity/M/F/disability/protected veteran status.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Sourced by ZipRecruiter
Commercial banking
201 - 500 Employees
Alexandria, VA, US