Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Third Party Risk & Controls Specialist

$95.6k - $143.4k
Full-time

Jobgether

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Third Party Risk & Controls Specialist based in the United States. This role focuses on strengthening enterprise security by assessing third-party applications, vendor ecosystems, and emerging technologies. The position combines technical security expertise with risk management, identity governance, and application security practices. You will evaluate security controls, integration architectures, and access models to help reduce organizational risk. The role provides the opportunity to influence security strategies around SaaS platforms, APIs, AI technologies, and enterprise applications. You will collaborate with cross-functional teams including security, procurement, legal, engineering, and business stakeholders. This is a remote opportunity designed for professionals who thrive in complex, high-impact security environments. \n Accountabilities: The Senior Third Party Risk & Controls Specialist will be responsible for evaluating and improving security across external applications, vendors, and enterprise integrations while supporting broader identity and access management initiatives. Conduct in-depth technical security assessments of third-party applications, vendors, and service providers beyond standard questionnaire-based reviews. Analyze API security, authentication mechanisms, data flows, and integration architectures to identify potential risks and vulnerabilities. Assess security considerations related to generative AI technologies, including model risks, data privacy concerns, and information exposure. Review security documentation, architecture diagrams, and technical controls to provide actionable risk recommendations and mitigation strategies. Evaluate enterprise application risks, including Shadow IT discovery, browser extensions, and unsanctioned software usage. Support identity and access management initiatives involving role-based access control, least privilege principles, application permissions, and identity governance. Review OAuth grants, SAML configurations, API keys, service accounts, certificates, and other non-human identity controls. Collaborate with procurement, legal, engineering, and business teams to support vendor onboarding, monitoring, and security improvement efforts. Contribute to security reviews, compliance initiatives, and technical due diligence activities across enterprise systems. Communicate findings clearly and help stakeholders implement practical security guardrails. Requirements: The ideal candidate brings a strong background in application security, third-party risk management, cloud security, and identity security, with the ability to evaluate complex technical environments and communicate effectively with both technical and business teams. 5+ years of experience in application security, vendor risk management, cloud security, cybersecurity, or a related discipline. Strong understanding of security frameworks such as NIST CSF, ISO 27001, SOC 2, and related compliance standards. Experience assessing API security, including REST, GraphQL, authentication, and authorization mechanisms. Solid knowledge of IAM concepts including RBAC, ABAC, least privilege access, OAuth 2.0, and SAML. Experience managing risks related to non-human identities, including service accounts, API tokens, and certificates. Understanding of SaaS architectures, enterprise applications, integration security, and access control models. Familiarity with generative AI security risks and emerging threats affecting AI-powered applications. Experience supporting technical due diligence, supplier security programs, or third-party risk initiatives is preferred. Strong analytical, organizational, prioritization, and project management skills in a fast-paced environment. Excellent written and verbal communication skills with the ability to collaborate across multiple teams. Knowledge of privacy and compliance requirements such as GDPR, CCPA, or HIPAA is a plus. Relevant security certifications such as CISSP, CCSP, CISM, or CRISC are advantageous. Benefits: Competitive annual compensation range of approximately $95,600 - $143,400 USD, depending on experience, qualifications, and job-related factors. Comprehensive benefits package designed to support employee health, financial wellbeing, and professional growth. Flexible remote work environment with opportunities for collaboration and team connection. Access to professional development resources and career growth opportunities. Potential eligibility for equity participation through company stock programs. Supportive workplace culture focused on transparency, innovation, inclusion, and continuous learning. Additional benefits and perks aligned with employee wellbeing and long-term success. \n How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best! Why Apply Through Jobgether? Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1

Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Senior Third Party Risk & Controls Specialist in United States vacancy
  • $115k - $130k

     ...Description We are looking for a Sr. Third Party Risk Specialist to own and evolve PNM’s third-party risk...  ...for someone who can operate at a senior level—balancing expert risk analysis,...  ...operationalization of third party security risk controls ~Communicate complex vendor risk... 
    Senior
    Full time
    Work from home
    Flexible hours

    PayNearMe, Inc.

    Remote
    7 days ago
  • $95.6k - $162.4k

    Northern Trust Corp in Chicago is looking for a Senior Consultant in Third Party Risk Management. The role involves overseeing governance, ensuring compliance with risk policies, and supporting audit engagements. Candidates should possess strong analytical skills and understanding... 
    Senior
    Full time

    Northern Trust Corp

    Chicago, IL
    4 days ago
  • Atlas Search is seeking a Third Party Risk Specialist in New York to enhance its enterprise-wide vendor risk management program. This individual will oversee third-party risk processes across various teams including Compliance and Operations. With over 10 years of experience... 
    Senior

    Atlas Search

    New York, NY
    1 day ago
  •  ...Technologist in Hartford, Connecticut. In this role, you will be responsible for analyzing and managing cyber-related risks associated with third-party vendors. You will need a Bachelor’s Degree in a STEM field and five years of relevant cybersecurity experience. A strong... 
    Senior

    The Travelers Indemnity Company

    Hartford, CT
    5 days ago
  • $105k - $120k

     ...development and maturation of the Credit Union’s Third-Party Risk Management (TPRM) program, ensuring...  ...location. What You'll Do Regardless of seniority or role, uphold UNFCU’s mission, core...  ...reporting mechanisms, and the overall control environment driving efficiency and... 
    Senior
    Contract work
    Work at office
    Local area

    UNFCU

    New York, NY
    2 days ago
  •  ...this position is to support the assessment and oversight of Third‑Party Risk, as a component of Operational Risk, and to enhance the Bank'...  ...This includes analysis of processes to identify key risks and controls associated with third‑party relationships as well as aggregate... 
    Senior
    Work at office
    Local area

    OceanFirst Bank

    Red Bank, NJ
    5 days ago
  •  ...Third-Party Risk Management Senior Analyst (MRA Remediation Support) - VP Level New York City, NY or Tampa, FL (Hybrid) 6-12 Months Contract Web...  ..., first line team within the Markets Operational Risk & Control group at Client and is responsible for developing, implementing... 
    Senior
    Contract work

    Syntricate Technologies

    Tampa, FL
    5 days ago
  •  ...Administer and manage the third-party risk management (TPRM) platform, including workflows, risk tiering, assessments, issue tracking, reporting...  ...projects and initiatives, including process improvements, control enhancements, reporting upgrades, and program scalability... 

    Atlas Search

    New York, NY
    5 days ago
  • $70k - $90k

     ...iCapital is looking to hire a Vendor Risk Specialist to join the Information Security team....  ...a small team to evaluate the risk of third-party vendors. Vendor risk includes information...  ...including evaluation of vendor controls, practices, process enhancements, and... 
    Full time
    Work at office
    Remote work

    iCapital

    Salt Lake City, UT
    5 days ago
  •  ...Travelers is hiring a Cybersecurity Technologist in Hartford, Connecticut. You will engage with third parties to assess cybersecurity risks and provide operational support for security processes. The ideal candidate will have a Bachelor's Degree in a STEM field, five years... 
    Senior

    Travelers

    Hartford, CT
    5 days ago
  •  ...Description As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality...  ...adequacy and effectiveness of the test control processes in place. The role holder...  ...Responsibilities Include Collaborating with senior management to influence key decisions.... 
    Senior
    Work at office
    Local area
    Remote work

    Citizens

    Johnston, RI
    2 days ago
  •  ...First Tech Federal Credit Union in Hillsboro, OR seeks a Senior Third-Party Risk Management Analyst to ensure compliance and perform risk assessments on third-party relationships. The role involves monitoring third-party activities and providing recommendations for compliance... 
    Senior

    First Tech Federal Credit Union

    Hillsboro, OR
    5 days ago
  • $60k - $121.3k

     ...A leading regional financial institution is seeking a Senior Third Party Risk Analyst in Lake Elmo, MN. In this role, you will execute third-party risk management activities, focusing on compliance and relationship management with vendors. The ideal candidate will have... 
    Senior

    Old National Bank

    Lake Elmo, MN
    1 day ago
  •  ...OceanFirst Bank is looking for a Third-Party Risk Management professional based in Red Bank, NJ. You will be responsible for overseeing third-party risk assessments, ensuring compliance, and preparing risk reports. The ideal candidate has a Bachelor's degree in Supply... 
    Senior

    RadNet

    Red Bank, NJ
    4 days ago
  •  ...Northern Trust Company in Tempe, Arizona as part of the Chief Procurement Officer's team for Third Party Management. This role is focused on design and execution of third party risk management programs aligned with regulatory requirements. Key responsibilities include... 
    Senior

    001 The Northern Trust Company

    Tempe, AZ
    2 days ago
  • $105k - $120k

    United Nations Federal Credit Union seeks a skilled contributor to enhance its Third-Party Risk Management (TPRM) program. The role involves assessing and mitigating risks, ensuring compliance with regulations, and collaborating with various internal teams to support procurement... 
    Senior
    Work at office

    United Nations Federal Credit Union

    New York, NY
    4 days ago
  • OceanFirst Bank in Red Bank, NJ is seeking a professional to manage and assess third-party risk as part of their Operational Risk team. The ideal candidate will be responsible for analyzing vendor performance, ensuring compliance with regulatory standards, and creating... 
    Senior
    Local area

    OceanFirst Bank

    Red Bank, NJ
    5 days ago
  • $80k - $150k

     ...KeyCorp is looking for an Operational Risk Analyst V specializing in Third Party Management in Brooklyn, Ohio. The ideal candidate should have over 5 years of risk management experience and be skilled in regulatory guidance compliance. The role involves providing oversight... 
    Senior

    Dormont Manufacturing Company

    New York, NY
    4 days ago
  •  ...Citizens Bank is seeking a Third Party Risk Sr Analyst responsible for managing vendor assessment reviews and ensuring adherence to company policies. This role involves close collaboration with business leaders to evaluate vendor risks effectively. Applicants should possess... 
    Senior
    Work at office
    Remote work

    Citizens Bank

    Providence, RI
    5 days ago
  •  ...IBM is seeking a Third Party Strategic Advisor who will build strategic partnerships with senior business leaders. The role involves developing and implementing compliance policies while providing guidance on risk and regulatory matters, making a significant impact on... 
    Senior

    IBM

    San Diego, CA
    4 days ago
  • Radar is hiring a Senior GRC Analyst in New York City to enhance security and compliance programs, focusing on third-party risk and SaaS governance. You will work with various teams to evaluate vendors, shape security strategies, and improve workflows, reporting to the... 
    Senior

    Radar

    New York, NY
    19 days ago
  • Gilder Search Group is looking for a Sr. GRC Analyst focusing on Third-Party & Human Risk Management in Atlanta, Georgia. This role involves risk analysis, compliance assessments, vendor management, and developing security awareness training. The ideal candidate has 6-... 
    Senior

    Gilder Search Group

    Atlanta, GA
    4 days ago
  • Sky Mavis is seeking a Sr. GRC Analyst for third-party and human risk management in Tulsa, Oklahoma. This role focuses on identifying and mitigating risks from external vendors while implementing a strong security awareness program to cultivate a security-first culture... 
    Senior

    Sky Mavis

    Tulsa, OK
    17 hours ago
  • $150k - $175k

    Overview A Career with Point72’s Third-Party Risk Team The Third‑Party Risk Management Team at Point72 is responsible for overseeing the firm...  ...projects and initiatives, including process improvements, control enhancements, reporting upgrades, and program scalability efforts... 
    Work experience placement

    Point72

    New York, NY
    1 day ago
  •  ...alternative investment platform is seeking a Third Party Risk Specialist to support and enhance its enterprise...  ...emerging vendor risks, strengthening controls, and supporting scalable risk...  ...paced, collaborative environment with senior cross-functional stakeholders. #J-18... 

    Atlas Search

    New York, NY
    1 day ago
  • Gilder Search Group is looking for a Sr. GRC Analyst focused on Third-Party & Human Risk Management in St. Louis, Missouri. The role ensures all human and third-party risks to Clayco are identified and treated appropriately. Key responsibilities include owning the TPRM... 
    Senior

    Gilder Search Group

    Saint Louis, MO
    4 days ago
  • Sky Mavis seeks a Sr. GRC Analyst in Phoenix, AZ, to manage Third-Party and Human Risk Management. This analytical role involves vendor risk assessment, security awareness training, and compliance evaluation, ensuring holistic risk management. Candidates should have significant... 
    Senior

    Sky Mavis

    Phoenix, AZ
    1 day ago
  • $84.15k - $108.9k

     ...areas. Role Overview The Global Third‑Party Risk Management Team is seeking a Third‑Party Cyber Risk Specialist to assist in executing the...  ...general requests related to controls defined by Cboe’s standards and...  ...gaps and report findings to senior team members. Perform... 
    Work experience placement
    Work at office
    Immediate start

    Cboe Global Markets

    Chicago, IL
    3 days ago
  • Citi is seeking a Lead Analyst in New York to manage third-party risk and operational resilience. This role will involve overseeing risk frameworks and providing insights to senior leadership. Candidates should have over 6 years of experience in risk management and a strong... 
    Senior

    Citi

    New York, NY
    4 days ago
  • Sky Mavis is seeking a Senior GRC Analyst focused on Third-Party and Human Risk Management in St. Louis, Missouri. This role requires 6-8+ years of experience in Risk Assessment and Information Security, with strong analytical skills. You will lead the Vendor Risk Management... 
    Senior

    Sky Mavis

    Saint Louis, MO
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Third Party Risk & Controls Specialist. Be the first to apply!