Senior Third Party Risk & Controls Specialist
$95.6k - $143.4kJobgether
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Third Party Risk & Controls Specialist based in the United States. This role focuses on strengthening enterprise security by assessing third-party applications, vendor ecosystems, and emerging technologies. The position combines technical security expertise with risk management, identity governance, and application security practices. You will evaluate security controls, integration architectures, and access models to help reduce organizational risk. The role provides the opportunity to influence security strategies around SaaS platforms, APIs, AI technologies, and enterprise applications. You will collaborate with cross-functional teams including security, procurement, legal, engineering, and business stakeholders. This is a remote opportunity designed for professionals who thrive in complex, high-impact security environments. \n Accountabilities: The Senior Third Party Risk & Controls Specialist will be responsible for evaluating and improving security across external applications, vendors, and enterprise integrations while supporting broader identity and access management initiatives. Conduct in-depth technical security assessments of third-party applications, vendors, and service providers beyond standard questionnaire-based reviews. Analyze API security, authentication mechanisms, data flows, and integration architectures to identify potential risks and vulnerabilities. Assess security considerations related to generative AI technologies, including model risks, data privacy concerns, and information exposure. Review security documentation, architecture diagrams, and technical controls to provide actionable risk recommendations and mitigation strategies. Evaluate enterprise application risks, including Shadow IT discovery, browser extensions, and unsanctioned software usage. Support identity and access management initiatives involving role-based access control, least privilege principles, application permissions, and identity governance. Review OAuth grants, SAML configurations, API keys, service accounts, certificates, and other non-human identity controls. Collaborate with procurement, legal, engineering, and business teams to support vendor onboarding, monitoring, and security improvement efforts. Contribute to security reviews, compliance initiatives, and technical due diligence activities across enterprise systems. Communicate findings clearly and help stakeholders implement practical security guardrails. Requirements: The ideal candidate brings a strong background in application security, third-party risk management, cloud security, and identity security, with the ability to evaluate complex technical environments and communicate effectively with both technical and business teams. 5+ years of experience in application security, vendor risk management, cloud security, cybersecurity, or a related discipline. Strong understanding of security frameworks such as NIST CSF, ISO 27001, SOC 2, and related compliance standards. Experience assessing API security, including REST, GraphQL, authentication, and authorization mechanisms. Solid knowledge of IAM concepts including RBAC, ABAC, least privilege access, OAuth 2.0, and SAML. Experience managing risks related to non-human identities, including service accounts, API tokens, and certificates. Understanding of SaaS architectures, enterprise applications, integration security, and access control models. Familiarity with generative AI security risks and emerging threats affecting AI-powered applications. Experience supporting technical due diligence, supplier security programs, or third-party risk initiatives is preferred. Strong analytical, organizational, prioritization, and project management skills in a fast-paced environment. Excellent written and verbal communication skills with the ability to collaborate across multiple teams. Knowledge of privacy and compliance requirements such as GDPR, CCPA, or HIPAA is a plus. Relevant security certifications such as CISSP, CCSP, CISM, or CRISC are advantageous. Benefits: Competitive annual compensation range of approximately $95,600 - $143,400 USD, depending on experience, qualifications, and job-related factors. Comprehensive benefits package designed to support employee health, financial wellbeing, and professional growth. Flexible remote work environment with opportunities for collaboration and team connection. Access to professional development resources and career growth opportunities. Potential eligibility for equity participation through company stock programs. Supportive workplace culture focused on transparency, innovation, inclusion, and continuous learning. Additional benefits and perks aligned with employee wellbeing and long-term success. \n How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best! Why Apply Through Jobgether? Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
#LI-CL1
$115k - $130k
...Description We are looking for a Sr. Third Party Risk Specialist to own and evolve PNM’s third-party risk... ...for someone who can operate at a senior level—balancing expert risk analysis,... ...operationalization of third party security risk controls ~Communicate complex vendor risk...SeniorFull timeWork from homeFlexible hours$95.6k - $162.4k
Northern Trust Corp in Chicago is looking for a Senior Consultant in Third Party Risk Management. The role involves overseeing governance, ensuring compliance with risk policies, and supporting audit engagements. Candidates should possess strong analytical skills and understanding...SeniorFull time- Atlas Search is seeking a Third Party Risk Specialist in New York to enhance its enterprise-wide vendor risk management program. This individual will oversee third-party risk processes across various teams including Compliance and Operations. With over 10 years of experience...Senior
- ...Technologist in Hartford, Connecticut. In this role, you will be responsible for analyzing and managing cyber-related risks associated with third-party vendors. You will need a Bachelor’s Degree in a STEM field and five years of relevant cybersecurity experience. A strong...Senior
$105k - $120k
...development and maturation of the Credit Union’s Third-Party Risk Management (TPRM) program, ensuring... ...location. What You'll Do Regardless of seniority or role, uphold UNFCU’s mission, core... ...reporting mechanisms, and the overall control environment driving efficiency and...SeniorContract workWork at officeLocal area- ...this position is to support the assessment and oversight of Third‑Party Risk, as a component of Operational Risk, and to enhance the Bank'... ...This includes analysis of processes to identify key risks and controls associated with third‑party relationships as well as aggregate...SeniorWork at officeLocal area
- ...Third-Party Risk Management Senior Analyst (MRA Remediation Support) - VP Level New York City, NY or Tampa, FL (Hybrid) 6-12 Months Contract Web... ..., first line team within the Markets Operational Risk & Control group at Client and is responsible for developing, implementing...SeniorContract work
- ...Administer and manage the third-party risk management (TPRM) platform, including workflows, risk tiering, assessments, issue tracking, reporting... ...projects and initiatives, including process improvements, control enhancements, reporting upgrades, and program scalability...
$70k - $90k
...iCapital is looking to hire a Vendor Risk Specialist to join the Information Security team.... ...a small team to evaluate the risk of third-party vendors. Vendor risk includes information... ...including evaluation of vendor controls, practices, process enhancements, and...Full timeWork at officeRemote work- ...Travelers is hiring a Cybersecurity Technologist in Hartford, Connecticut. You will engage with third parties to assess cybersecurity risks and provide operational support for security processes. The ideal candidate will have a Bachelor's Degree in a STEM field, five years...Senior
- ...Description As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality... ...adequacy and effectiveness of the test control processes in place. The role holder... ...Responsibilities Include Collaborating with senior management to influence key decisions....SeniorWork at officeLocal areaRemote work
- ...First Tech Federal Credit Union in Hillsboro, OR seeks a Senior Third-Party Risk Management Analyst to ensure compliance and perform risk assessments on third-party relationships. The role involves monitoring third-party activities and providing recommendations for compliance...Senior
$60k - $121.3k
...A leading regional financial institution is seeking a Senior Third Party Risk Analyst in Lake Elmo, MN. In this role, you will execute third-party risk management activities, focusing on compliance and relationship management with vendors. The ideal candidate will have...Senior- ...OceanFirst Bank is looking for a Third-Party Risk Management professional based in Red Bank, NJ. You will be responsible for overseeing third-party risk assessments, ensuring compliance, and preparing risk reports. The ideal candidate has a Bachelor's degree in Supply...Senior
- ...Northern Trust Company in Tempe, Arizona as part of the Chief Procurement Officer's team for Third Party Management. This role is focused on design and execution of third party risk management programs aligned with regulatory requirements. Key responsibilities include...Senior
$105k - $120k
United Nations Federal Credit Union seeks a skilled contributor to enhance its Third-Party Risk Management (TPRM) program. The role involves assessing and mitigating risks, ensuring compliance with regulations, and collaborating with various internal teams to support procurement...SeniorWork at office- OceanFirst Bank in Red Bank, NJ is seeking a professional to manage and assess third-party risk as part of their Operational Risk team. The ideal candidate will be responsible for analyzing vendor performance, ensuring compliance with regulatory standards, and creating...SeniorLocal area
$80k - $150k
...KeyCorp is looking for an Operational Risk Analyst V specializing in Third Party Management in Brooklyn, Ohio. The ideal candidate should have over 5 years of risk management experience and be skilled in regulatory guidance compliance. The role involves providing oversight...Senior- ...Citizens Bank is seeking a Third Party Risk Sr Analyst responsible for managing vendor assessment reviews and ensuring adherence to company policies. This role involves close collaboration with business leaders to evaluate vendor risks effectively. Applicants should possess...SeniorWork at officeRemote work
- ...IBM is seeking a Third Party Strategic Advisor who will build strategic partnerships with senior business leaders. The role involves developing and implementing compliance policies while providing guidance on risk and regulatory matters, making a significant impact on...Senior
- Radar is hiring a Senior GRC Analyst in New York City to enhance security and compliance programs, focusing on third-party risk and SaaS governance. You will work with various teams to evaluate vendors, shape security strategies, and improve workflows, reporting to the...Senior
- Gilder Search Group is looking for a Sr. GRC Analyst focusing on Third-Party & Human Risk Management in Atlanta, Georgia. This role involves risk analysis, compliance assessments, vendor management, and developing security awareness training. The ideal candidate has 6-...Senior
- Sky Mavis is seeking a Sr. GRC Analyst for third-party and human risk management in Tulsa, Oklahoma. This role focuses on identifying and mitigating risks from external vendors while implementing a strong security awareness program to cultivate a security-first culture...Senior
$150k - $175k
Overview A Career with Point72’s Third-Party Risk Team The Third‑Party Risk Management Team at Point72 is responsible for overseeing the firm... ...projects and initiatives, including process improvements, control enhancements, reporting upgrades, and program scalability efforts...Work experience placement- ...alternative investment platform is seeking a Third Party Risk Specialist to support and enhance its enterprise... ...emerging vendor risks, strengthening controls, and supporting scalable risk... ...paced, collaborative environment with senior cross-functional stakeholders. #J-18...
- Gilder Search Group is looking for a Sr. GRC Analyst focused on Third-Party & Human Risk Management in St. Louis, Missouri. The role ensures all human and third-party risks to Clayco are identified and treated appropriately. Key responsibilities include owning the TPRM...Senior
- Sky Mavis seeks a Sr. GRC Analyst in Phoenix, AZ, to manage Third-Party and Human Risk Management. This analytical role involves vendor risk assessment, security awareness training, and compliance evaluation, ensuring holistic risk management. Candidates should have significant...Senior
$84.15k - $108.9k
...areas. Role Overview The Global Third‑Party Risk Management Team is seeking a Third‑Party Cyber Risk Specialist to assist in executing the... ...general requests related to controls defined by Cboe’s standards and... ...gaps and report findings to senior team members. Perform...Work experience placementWork at officeImmediate start- Citi is seeking a Lead Analyst in New York to manage third-party risk and operational resilience. This role will involve overseeing risk frameworks and providing insights to senior leadership. Candidates should have over 6 years of experience in risk management and a strong...Senior
- Sky Mavis is seeking a Senior GRC Analyst focused on Third-Party and Human Risk Management in St. Louis, Missouri. This role requires 6-8+ years of experience in Risk Assessment and Information Security, with strong analytical skills. You will lead the Vendor Risk Management...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Third Party Risk & Controls Specialist. Be the first to apply!
- risk officer United States
- information risk analyst United States
- it risk analyst United States
- risk analyst United States
- senior quantitative risk analyst United States
- quantitative risk analyst United States
- risk consultant United States
- risk compliance officer United States
- operational risk specialist United States
- market risk analyst United States


