Senior Analyst, Third-Party Risk Management (TPRM)
DoorDash USA
About the Team Come help us build the world's most trusted on-demand logistics engine for delivery! We're building a team of great minds to help us secure and maintain a 24x7, no-downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers. About the Role The Global Governance, Risk, and Compliance (GRC) team is looking for a technical, security-focused Third-Party Risk Management (TPRM) Sr. Analyst. If you are comfortable and have experience working in a fast-paced environment, taking ownership, and driving improvements in our security posture, we want to talk to you! You will report to the Manager, GRC within our Security organization. You’re excited about this opportunity because you will… Drive the continuous maturation of our TPRM program, transforming it from a reactive, compliance-focused function into a proactive, strategic security partnership. Architect and govern the security strategy for our BPO and contingent worker ecosystem, from developing and operationalizing continuous security standards to implementing & monitoring robust technical controls and ensuring strict compliance through rigorous due diligence and regular audit cycles. Design and build process automations, optimizing and scaling the TPRM program to meet the business’s fast-moving priorities. Pioneer and lead the Supplier Security AI Governance framework, evaluating critical third-party AI risks to ensure the secure implementation of AI tools across the business. Establish and own core program governance and build a centralized reporting function, delivering actionable key metrics, risk dashboards, and progress updates to leadership for continuous visibility into third-party risk exposure. Partner cross-functionally with security engineering, procurement, business, privacy, and legal teams to provide security advisory and lead risk assessments. Lead the end-to-end issues and remediation tracking process, following up on all security findings and exceptions from assessments to ensure accountability and timely closure of remediation items. Execute the core TPRM lifecycle (perform risk assessments, due diligence questionnaires, new vendor onboarding, contract and data protection agreement reviews) and partner with internal SMEs (Sourcing, Enterprise Security, IT) to refine internal policies and frameworks for scale. We’re excited about you because you have… 7+ years of progressive experience in security-focused TPRM methodologies, including owning or successfully leading a TPRM program for a fast-paced, high-growth company. Bachelor’s or Master’s degree in Information Security, Computer Science, Business Administration, or related field. Experience with program building, conducting security and/or assurance audits, controls, and risk assessments, and remediation management. Deep technical understanding and experience conducting comprehensive security risk and gap assessments of cloud, SaaS, including Artificial Intelligence (AI) solutions, and infrastructure vendors, and evaluating risks that impact data security and application resilience. Proficiency in the technical review of core security assurance documentation. This encompasses, but is not limited to, CAIQ, SIG, SOC 2 Type 2 reports, Penetration Test reports, and compliance attestations (e.g., ISO 27001, PCI-DSS, etc). Experience in the technical vetting of complex vendor solutions. This involves scrutiny of API integrations with critical internal systems ('crown-jewels'), security of cloud-native services (AWS/Azure/GCP), and assessing agentic/generative AI platforms for vulnerabilities, data leakage, and system resilience. Practical experience in assessing the unique risks associated with AI/ML models, including analysis of data provenance, identification of model poisoning risks, and ensuring the secure handling of proprietary data used for model training or fine-tuning. Experience with implementing major information security, privacy, and risk management frameworks (e.g. NIST, ISO, SOC 2). Experience managing security and compliance programs across broad GRC disciplines within a complex, global public company environment. Experience solving complex, systemic issues that require creative thinking and cross-functional collaboration. Experience managing vendor risk across the full relationship lifecycle, including periodic re-assessments, amendments, scope changes, and continuous monitoring. Excellent verbal and written communication skills with the ability to effectively translate technical risk findings into a clear business context for diverse audiences, including executive leadership. CISA, CISSP, CISM, or other industry certifications are a plus. We expect this position to be filled by 9/13/26. Compensation The successful candidate’s starting pay will fall within the pay range listed below and is determined based on job-related factors including, but not limited to, skills, experience, qualifications, work location, and market conditions. Base salary is localized according to an employee’s work location. Ranges are market-dependent and may be modified in the future. In addition to base salary, the compensation for this role includes opportunities for equity grants. Talk to your recruiter for more information. DoorDash cares about you and your overall well-being. That’s why we offer a comprehensive benefits package to all regular employees, which includes a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act). DoorDash also offers medical, dental, and vision benefits, 11 paid holidays, disability and basic life insurance, family-forming assistance, and a mental health program, among others. To learn more about our benefits, visit our careers page here. See below for paid time off details: For salaried roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year. For hourly roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week), and paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week). The national base pay range for this position within the United States, including Illinois and Colorado.
$132,600—$195,000 USD
About DoorDash At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users—from Dashers to merchant partners to consumers. We are a technology and logistics company that started by enabling door-to-door delivery, and we are looking for team members who can help us go from a company that is known as the place you order food to a company that people turn to for any and all goods. DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more. Our Commitment to Diversity and Inclusion We’re committed to growing and empowering a more inclusive community within our company, industry, and cities. That’s why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel. Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on “protected categories,” we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce – people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination. Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation. If you need any accommodations, please inform your recruiting contact upon initial connection. Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only We used Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provided Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023. We resumed using Covey Scout for Inbound again on June 29, 2024, and ceased using Covey Scout for Inbound on April 30, 2026. The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here:- Crowe is seeking a Manager - Third Party Risk to oversee TPRM engagements, ensuring quality assessment and risk mitigation. The successful candidate will lead teams, manage client relationships, and guide project execution while supporting career development among team...SeniorRemote work
- ...Senior Analyst, Cybersecurity GRC, Chicago, IL The Senior Analyst, Cybersecurity GRC will administer... ...processes, and procedures implemented for managed systems and applications, as well as support Third Party Risk Management (TPRM) and Governance and Risk functions in...SeniorWork experience placement
- Crowe is seeking a Manager for Third Party Risk Management in Chicago, Illinois. This role is vital for the leadership of Third Party Risk Management (TPRM) engagements, which involve oversight of third‑party assessments and working closely with client leadership. The...SuggestedRemote job
- ...Trust is seeking a professional to support Third-Party Risk governance within the 1st Line of Defence. You will work with Vendor Managers to ensure policy adherence, provide... ...guidance, and escalate concerning trends to Senior Management. Requirements include a college...Senior
$95.6k - $162.4k
Northern Trust Corp in Chicago is looking for a Senior Consultant in Third Party Risk Management. The role involves overseeing governance, ensuring compliance with risk policies, and supporting audit engagements. Candidates should possess strong analytical skills and understanding...SeniorFull time$60k - $121.3k
...growing, community and client-focused company that is firmly rooted in its core values. Responsibilities The Third-Party Risk Management (TPRM) Senior Analyst is responsible for executing third‑party risk management activities across a portfolio of vendors, supporting...SeniorWork at office$67.5k - $111.5k
Northern Trust Corp in Chicago is seeking a Consultant for Procurement and Third-Party Governance & Compliance. This role assists with audits, regulatory support, and risk management activities related to third-party risks. Candidates should possess a Bachelor’s degree...- Old National Bank is seeking a Third-Party Risk Management Senior Analyst responsible for overseeing third-party risk management activities and ensuring compliance with regulatory standards. This role involves managing vendor relationships and supporting internal stakeholders...SeniorWork at office
$129k - $161k
...high performing talent to deliver against the mission of the Third Party Risk Management organization and achieve strategic success. OVERALL PURPOSE... ...satisfy requirements of the Third-Party Risk Management (TPRM) program, including program projects and initiatives. Responsibilities...SeniorHourly payFull timeWork at officeImmediate startVisa sponsorshipWork visaFlexible hours$95.6k - $162.4k
...service. Responsibilities Involved in the Third-Party Risk governance framework in the 1st Line of... ...emerging risks. Works with Vendor Managers to ensure that Third Party Risk policies... ...Business. Escalates any concerning trends to Senior Management. This may include (but not...SeniorWork experience placementLocal areaFlexible hours$69k - $136.5k
...Description:The Workday Absence & HCM Senior Analyst will be responsible for... ...documentation and project management support, as needed. They... ...their goals with tax, advisory, risk and performance services.... ...sourcing entity or any other third-party paid service at any time....SeniorLocal areaWorldwide$75k - $110k
...work together to design, implement, and manage customized solutions for business processes... ...including legal process compliance and third‑party requests for access to user data. Our... ...meeting deadlines, reporting compliance risks, and communicating engagement status to...SeniorTemporary workCurrently hiringWork at officeRemote workFlexible hours$84.2k - $131k
...qualitative factors driving the credit risk for consumer & mortgage loans. Perform evaluation... ..., implementation and monitoring of third‑party and in‑house scoring solutions. Perform... ..., preparing underwriting and account management presentations to management for review and...SeniorFull timeTemporary workPart timeWork from home3 days per week- ...Overview We are seeking a detail-oriented and analytical Third-Party Risk Analyst to support our risk management program. This role is responsible for reviewing client contracts for security and compliance requirements, assessing vendor and third-party risks, and maintaining...Contract work
$112.48k - $146.54k
...history. Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in... ...enabling secure and resilient systems, managing threats and vulnerabilities, and... ...Job overview and responsibilities The Senior Analyst, Insider Threat, is responsible for advancing...SeniorHourly payRemote work$112.48k - $146.54k
...history. Join our Cybersecurity and Digital Risk (CDR) team to help lead the industry in... ...enabling secure and resilient systems, managing threats and vulnerabilities, and... ...Job overview and responsibilities The Senior Analyst, Data Protection, is responsible for advancing...SeniorHourly payRemote work$84.15k - $108.9k
...our people to “go for it” and equip our managers with the training to coach their teams... ...iconic areas. Role Overview The Global Third‑Party Risk Management Team is seeking a Third‑... ...or security gaps and report findings to senior team members. Perform comprehensive security...Work experience placementWork at officeImmediate start- Oliver James Associates Ltd. is seeking a Risk Management Specialist to join a growing Enterprise Risk Management function. This role offers broad exposure across third‑party risk management, fraud investigations, enterprise risk reporting, and regulatory compliance support...
$54k - $103k
...key business functions to deliver insights driven by Risk Management Information System (RMIS) and Third‑Party Administrator (TPA) data. This role ensures the... ...and evaluate operational changes. Report findings to senior consultants and make recommendations to management....Work experience placementWork at officeFlexible hours2 days per week- A leading risk management firm in Chicago is seeking a detail-oriented Third-Party Risk Analyst. This role involves reviewing client and vendor contracts for security and compliance, assessing vendor risks, and maintaining security policies aligned with regulations. The...Contract work
$62k - $82k
Sr. Analyst, Thermal Settlements and Portfolio Analytics Invenergy is North America's largest... ...Analytics will be reporting to the Manager of Thermal Settlements and Portfolio Analytics... ..., International Settlements and Risk Management. The role will support efforts...SeniorLocal area- Citizenship US Citizens and Green Card holders. No third-party subcontractors. Sr. Business Analyst We are currently working with our client in Los Angeles... .... Knowledge of the master data Material Management, Production Planning and Sales and Distribution business...SeniorPermanent employmentFor subcontractor
- ...Saravanakumar at (***) ***-**** Title: Senior Project Manager Duration: 6 Months (with... ...candidates are eligible for this position. Third-party or C2C candidates will not be considered... ...vendors, ensuring effective communication, risk management, resource allocation, and...Senior
$119k - $193k
Phase2 Technology is seeking a Senior Analyst to conduct research and provide strategic advice to risk management leaders. The ideal candidate will possess a deep understanding of risk management trends, practices, and compliance management. This role involves producing...Senior$154.2k - $328.4k
Marsh Risk is seeking a Sr. Client Advisor for their Marine practice based in Chicago, offering hybrid work. The ideal candidate will... ...along with broker or underwriting experience. This role involves managing complex accounts, maintaining client relationships, and advising...Senior$86.6k - $162.9k
A leading specialty insurance company is seeking a Risk Engineering Senior/Executive Consultant to evaluate property risk and provide risk management services. This role is remote for Midwest residents and requires extensive experience in multi-line insurance. The ideal...SeniorRemote job$100.32k - $164.16k
...leading health company located in Chicago is seeking an Actuarial Analyst III to complete diverse and complex actuarial studies. This position involves analyzing and implementing risk contracts, preparing management reports, and training actuarial trainees. The ideal...SeniorTraineeship- Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firm’s... ...pivotal role in enhancing our compliance and operational risk management. Your expertise in test execution will be crucial in managing and...Senior
- ...Senior Treasury Analyst The Treasury team is a critical part of Antares, responsible for managing all aspects of Antares' liquidity. This includes... ...rating agencies, auditors, third-party vendors, and trustees in... ...with Antares Operations, Risk teams, and IT, the Treasury...SeniorWork at office
$90k - $115k
...Hybrid work Job Id: 53911 Senior Benefits Analyst At Bel, we are not just a... ...and resolves nuanced compliance risks, and partners with management to drive continuous improvement of... ...for escalated cases from HRBPs, third-party employee support services, and vendors...SeniorContract workWork at officeLocal area
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Analyst, Third-Party Risk Management (TPRM). Be the first to apply!
- senior quantitative risk analyst Chicago, IL
- information risk analyst Chicago, IL
- it risk analyst Chicago, IL
- risk consultant Chicago, IL
- operational risk consultant Chicago, IL
- third party risk analyst Chicago, IL
- risk analyst Chicago, IL
- risk officer Chicago, IL
- transaction risk analyst Chicago, IL
- governance risk & compliance analyst Chicago, IL


