Senior Analyst, Third-Party Risk Management (TPRM)
DoorDash USA
About the Team Come help us build the world's most trusted on-demand logistics engine for delivery! We're building a team of great minds to help us secure and maintain a 24x7, no-downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers. About the Role The Global Governance, Risk, and Compliance (GRC) team is looking for a technical, security-focused Third-Party Risk Management (TPRM) Sr. Analyst. If you are comfortable and have experience working in a fast-paced environment, taking ownership, and driving improvements in our security posture, we want to talk to you! You will report to the Manager, GRC within our Security organization. You’re excited about this opportunity because you will… Drive the continuous maturation of our TPRM program, transforming it from a reactive, compliance-focused function into a proactive, strategic security partnership. Architect and govern the security strategy for our BPO and contingent worker ecosystem, from developing and operationalizing continuous security standards to implementing & monitoring robust technical controls and ensuring strict compliance through rigorous due diligence and regular audit cycles. Design and build process automations, optimizing and scaling the TPRM program to meet the business’s fast-moving priorities. Pioneer and lead the Supplier Security AI Governance framework, evaluating critical third-party AI risks to ensure the secure implementation of AI tools across the business. Establish and own core program governance and build a centralized reporting function, delivering actionable key metrics, risk dashboards, and progress updates to leadership for continuous visibility into third-party risk exposure. Partner cross-functionally with security engineering, procurement, business, privacy, and legal teams to provide security advisory and lead risk assessments. Lead the end-to-end issues and remediation tracking process, following up on all security findings and exceptions from assessments to ensure accountability and timely closure of remediation items. Execute the core TPRM lifecycle (perform risk assessments, due diligence questionnaires, new vendor onboarding, contract and data protection agreement reviews) and partner with internal SMEs (Sourcing, Enterprise Security, IT) to refine internal policies and frameworks for scale. We’re excited about you because you have… 7+ years of progressive experience in security-focused TPRM methodologies, including owning or successfully leading a TPRM program for a fast-paced, high-growth company. Bachelor’s or Master’s degree in Information Security, Computer Science, Business Administration, or related field. Experience with program building, conducting security and/or assurance audits, controls, and risk assessments, and remediation management. Deep technical understanding and experience conducting comprehensive security risk and gap assessments of cloud, SaaS, including Artificial Intelligence (AI) solutions, and infrastructure vendors, and evaluating risks that impact data security and application resilience. Proficiency in the technical review of core security assurance documentation. This encompasses, but is not limited to, CAIQ, SIG, SOC 2 Type 2 reports, Penetration Test reports, and compliance attestations (e.g., ISO 27001, PCI-DSS, etc). Experience in the technical vetting of complex vendor solutions. This involves scrutiny of API integrations with critical internal systems ('crown-jewels'), security of cloud-native services (AWS/Azure/GCP), and assessing agentic/generative AI platforms for vulnerabilities, data leakage, and system resilience. Practical experience in assessing the unique risks associated with AI/ML models, including analysis of data provenance, identification of model poisoning risks, and ensuring the secure handling of proprietary data used for model training or fine-tuning. Experience with implementing major information security, privacy, and risk management frameworks (e.g. NIST, ISO, SOC 2). Experience managing security and compliance programs across broad GRC disciplines within a complex, global public company environment. Experience solving complex, systemic issues that require creative thinking and cross-functional collaboration. Experience managing vendor risk across the full relationship lifecycle, including periodic re-assessments, amendments, scope changes, and continuous monitoring. Excellent verbal and written communication skills with the ability to effectively translate technical risk findings into a clear business context for diverse audiences, including executive leadership. CISA, CISSP, CISM, or other industry certifications are a plus. We expect this position to be filled by 9/13/26. Compensation The successful candidate’s starting pay will fall within the pay range listed below and is determined based on job-related factors including, but not limited to, skills, experience, qualifications, work location, and market conditions. Base salary is localized according to an employee’s work location. Ranges are market-dependent and may be modified in the future. In addition to base salary, the compensation for this role includes opportunities for equity grants. Talk to your recruiter for more information. DoorDash cares about you and your overall well-being. That’s why we offer a comprehensive benefits package to all regular employees, which includes a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act). DoorDash also offers medical, dental, and vision benefits, 11 paid holidays, disability and basic life insurance, family-forming assistance, and a mental health program, among others. To learn more about our benefits, visit our careers page here. See below for paid time off details: For salaried roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year. For hourly roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week), and paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week). The national base pay range for this position within the United States, including Illinois and Colorado.
$132,600—$195,000 USD
About DoorDash At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users—from Dashers to merchant partners to consumers. We are a technology and logistics company that started by enabling door-to-door delivery, and we are looking for team members who can help us go from a company that is known as the place you order food to a company that people turn to for any and all goods. DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more. Our Commitment to Diversity and Inclusion We’re committed to growing and empowering a more inclusive community within our company, industry, and cities. That’s why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel. Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on “protected categories,” we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce – people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination. Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation. If you need any accommodations, please inform your recruiting contact upon initial connection. Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only We used Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provided Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023. We resumed using Covey Scout for Inbound again on June 29, 2024, and ceased using Covey Scout for Inbound on April 30, 2026. The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here:- Sky Mavis seeks a Sr. GRC Analyst in Phoenix, AZ, to manage Third-Party and Human Risk Management. This analytical role involves vendor risk assessment, security awareness training, and compliance evaluation, ensuring holistic risk management. Candidates should have significant...Senior
- Mufgamericas is seeking a Third Party Risk Manager to execute the Third-Party Risk Management oversight across the Americas. This role reports to... ...Third-Party Management and focuses on ensuring compliance with TPRM policies throughout the lifecycle. The ideal candidate will...Senior
- ...the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Third‑Party & Human Risk Management (TPHRM) is a risk focused, highly analytical... ...ownership of the Third‑Party Risk Management (TPRM) process to gather details on the security practices...SeniorImmediate startFlexible hours
- A prominent firm in the tech sector is seeking a Senior Data Analyst to maintain dashboards and connect third-party applications. This remote position includes coordinating with developers for data analysis solutions and assisting the IT Director. The ideal candidate should...SeniorRemote job
- Gilder Search Group is looking for a Sr. GRC Analyst to manage Third-Party & Human Risk while ensuring risks are identified and treated satisfactorily. The role requires 6-8 years in risk assessment, with a bachelor's degree and required certifications expected. You'll...SeniorFlexible hours
- Western Alliance Bancorporation is seeking a Third-Party Operations Senior Professional to provide senior level operational leadership within TPMS Operations & Technology. You will manage projects, collaborate with stakeholders, and ensure operational consistency and compliance...Senior
- Mutual Insurance Company is seeking a Senior Risk Management Consultant to provide expert consulting services to its policyholders, including healthcare professionals and organizations. This role includes tasks such as offering risk management guidance and developing educational...Senior
$120k - $135k
The American Society for Healthcare Risk Management is seeking an experienced Senior Risk Management Consultant to provide high-value consultation and risk mitigation guidance. This role is ideal for someone with expertise in insurance defense or healthcare law, focusing...Senior- Western Alliance Bank is seeking a Senior Model Risk Analyst to join its Model Risk Management Group in Phoenix, Arizona. This role involves model validation, governance activities, and developing the bank’s Model Risk Management program. The ideal candidate has over 5...Senior
- Responsibilities Identify and maintain risks in alignment with Boeing’s risk taxonomy, continuously monitoring and managing risk exposure. Perform risk assessments by collaborating with first line of defense (1LOD) stakeholders to conduct and document risk evaluations;...Senior
$120k - $135k
Make a Meaningful Impact to Minimize MPL Risk At MICA, we partner with healthcare professionals to protect what matters most:... ...integrity, and the delivery of high-quality care. We are seeking a Senior Risk Management Consultant to join our team and serve as a trusted advisor...Senior- Skip Navigation Senior Risk Management Consultant Role Overview: The Senior Risk Management Consultant is a seasoned professional liability risk expert who delivers high-value consultation, education, and risk mitigation guidance to MICA’s insureds — physicians, other...SeniorWork at office
- ...Sr. GRC Analyst, Risk Management Under the direction of and in collaboration with the GRC Manager, the Sr. GRC Analyst, Risk Management is the primary owner and operational steward of the Enterprise Risk Register. This role is responsible for ensuring all identified...SeniorFor contractorsImmediate startFlexible hours
$83.43k - $222.48k
...Title: Senior Epic Analyst Department: Information Technology/Health Information Management Reports To: Epic Team Manager Summary The Senior Epic Analyst is a subject matter... ...and interoperability efforts with other third‑party applications and interfaces. Assist with after...SeniorHourly payFull timeTemporary workLocal area- Job Title: Third-Party Operations Senior Professional Location: Block 23 What you'll do: The Third-Party... ...role partners closely with Senior Management, oversees priority projects, and may... ...Professionals. Drive operational consistency, risk awareness, and issue resolution...SeniorContract work
- American Family Insurance is seeking a Senior Construction Defect Adjuster to manage complex, multi-party construction defect claims with emphasis on coverage analysis and risk transfer management. The role requires leadership in investigation, endorsements, and negotiation...SeniorRelocation package
$138k - $200k
...AI and Emerging Technology Risk Principal Analyst drives the strategic identification... ...s information assets. This senior individual contributor... ...risk posture and risk management strategy. Principal Risk Analysts... ...and initiatives. Oversee third‑party technology risk activities...Local areaRemote workMonday to FridayFlexible hours$46.99k - $112.2k
...Responsibilities HRIS Administration & System Management Administer and maintain HR systems,... ..., coordinating resolution with IT and third‑party providers as needed. Data Integrity, Governance... ...HR systems and workflows. Compliance & Risk Awareness: Maintains strong governance...SeniorHourly payFull timeTemporary workLocal area- Our firm is hiring a senior data analyst. The position will report to the firm's Director of Information Technology. The following skills... ...limited to: Maintaining and developing dashboards Connecting third party applications Coordinating with other developers as need to...SeniorRemote work
- ...Project Controls Sr Analyst - Cost The Project Controls Sr Analyst - Cost is a senior level position assigned to an Oil and Gas mega project working as... ...reporting. Leads change mgmt program. Leads risk analysis and management of risk register. Applies key scheduling processes...SeniorWork experience placementWork at officeHome officeLong distanceFlexible hoursShift work
$60k - $80k
...Revenue Analyst The primary purpose of the Revenue Analyst is to analyze financial... ...analytical support for the local Revenue Management team, while also providing support on... ...technical issues involving SAP and assigned third party software providers. This role...Work experience placementWork at officeLocal areaFlexible hours$80k
...our internal platform. You'll manage incident escalations, gather... ...proprietary back-end tools and third party system integrations Work... ..., fully executed agreement . Seniority level Seniority level Not Applicable... ...about new Product Operations Analyst jobs in Phoenix, AZ . Phoenix...16 hoursFull timeWork at officeWork from homeFlexible hours$87.7k - $164k
...Ernst & Young Oman is hiring a Cyber Triage and Forensics Incident Analyst in Phoenix, Arizona. In this senior role, you will lead technical security incident responses and perform digital forensic analysis, coordinating efforts to remediate security incidents. The ideal...Senior- ...Private Risk Advisor The USI Insurance Services Personal Risk Practice provides comprehensive risk management and insurance consultation to high net worth individuals and family... ...Engage, introduce and position value-added third-party subject matter experts in response to...Work at officeLocal area
- ...Hispanic Alliance for Career Enhancement is seeking a Senior Epic Analyst. This role acts as a subject-matter expert in Epic systems, responsible for leading complex projects and providing advanced technical support. You will analyze and implement Epic solutions to enhance...SeniorFull time
- " Job Overview Senior Operations Consultant (SOC) - responsible for managing one or more major operations segments within Bank of America’s internal operations, monitoring... ...- deliver clear and concise messages. Risk Manager - identify, elevate, and resolve potential...SeniorWork at officeWork from homeShift workNight shift
$90k - $100k
...Meaningful Moments that transform lives. Job Profile Summary The Senior Treasury Analyst is responsible for analyzing and interpreting financial... ...forecasts and developing effective cash and asset management strategies. Benefits Comprehensive medical, dental, and vision...SeniorTemporary workWork at officeFlexible hours- General Description The USI Insurance Services Personal Risk Practice provides comprehensive risk management and insurance consultation to high net worth... ...needs. Engage, introduce and position value‑added third‑party subject matter experts in response to client needs....Work at office
$135.85k
...Companies US, Inc. Job Title: Senior Preconstruction Data Analyst Job Location: Phoenix, AZ... ...find patterns, trends or risk that influence decision... ...across different departments; manage internal customer requests... ...recruitment agencies and third-party recruiters do not submit...SeniorFull timeContract workTemporary workWork at officeMonday to FridayFlexible hours- ...outstanding vendor requirements. Assist with contract extensions by managing submission and processing workflows. Validate and process... ...regularly. Top Skills: Experience in vendor management, third‑party risk, or operational risk roles. Basic understanding of SOC reports...Contract work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Analyst, Third-Party Risk Management (TPRM). Be the first to apply!
- senior quantitative risk analyst Phoenix, AZ
- it risk analyst Phoenix, AZ
- risk consultant Phoenix, AZ
- operational risk consultant Phoenix, AZ
- third party risk analyst Phoenix, AZ
- risk analyst Phoenix, AZ
- risk officer Phoenix, AZ
- governance risk & compliance analyst Phoenix, AZ
- risk compliance officer Phoenix, AZ
- operational risk specialist Phoenix, AZ

