Senior Analyst, Third-Party Risk Management (TPRM)
DoorDash USA
About the Team Come help us build the world's most trusted on-demand logistics engine for delivery! We're building a team of great minds to help us secure and maintain a 24x7, no-downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers. About the Role The Global Governance, Risk, and Compliance (GRC) team is looking for a technical, security-focused Third-Party Risk Management (TPRM) Sr. Analyst. If you are comfortable and have experience working in a fast-paced environment, taking ownership, and driving improvements in our security posture, we want to talk to you! You will report to the Manager, GRC within our Security organization. You’re excited about this opportunity because you will… Drive the continuous maturation of our TPRM program, transforming it from a reactive, compliance-focused function into a proactive, strategic security partnership. Architect and govern the security strategy for our BPO and contingent worker ecosystem, from developing and operationalizing continuous security standards to implementing & monitoring robust technical controls and ensuring strict compliance through rigorous due diligence and regular audit cycles. Design and build process automations, optimizing and scaling the TPRM program to meet the business’s fast-moving priorities. Pioneer and lead the Supplier Security AI Governance framework, evaluating critical third-party AI risks to ensure the secure implementation of AI tools across the business. Establish and own core program governance and build a centralized reporting function, delivering actionable key metrics, risk dashboards, and progress updates to leadership for continuous visibility into third-party risk exposure. Partner cross-functionally with security engineering, procurement, business, privacy, and legal teams to provide security advisory and lead risk assessments. Lead the end-to-end issues and remediation tracking process, following up on all security findings and exceptions from assessments to ensure accountability and timely closure of remediation items. Execute the core TPRM lifecycle (perform risk assessments, due diligence questionnaires, new vendor onboarding, contract and data protection agreement reviews) and partner with internal SMEs (Sourcing, Enterprise Security, IT) to refine internal policies and frameworks for scale. We’re excited about you because you have… 7+ years of progressive experience in security-focused TPRM methodologies, including owning or successfully leading a TPRM program for a fast-paced, high-growth company. Bachelor’s or Master’s degree in Information Security, Computer Science, Business Administration, or related field. Experience with program building, conducting security and/or assurance audits, controls, and risk assessments, and remediation management. Deep technical understanding and experience conducting comprehensive security risk and gap assessments of cloud, SaaS, including Artificial Intelligence (AI) solutions, and infrastructure vendors, and evaluating risks that impact data security and application resilience. Proficiency in the technical review of core security assurance documentation. This encompasses, but is not limited to, CAIQ, SIG, SOC 2 Type 2 reports, Penetration Test reports, and compliance attestations (e.g., ISO 27001, PCI-DSS, etc). Experience in the technical vetting of complex vendor solutions. This involves scrutiny of API integrations with critical internal systems ('crown-jewels'), security of cloud-native services (AWS/Azure/GCP), and assessing agentic/generative AI platforms for vulnerabilities, data leakage, and system resilience. Practical experience in assessing the unique risks associated with AI/ML models, including analysis of data provenance, identification of model poisoning risks, and ensuring the secure handling of proprietary data used for model training or fine-tuning. Experience with implementing major information security, privacy, and risk management frameworks (e.g. NIST, ISO, SOC 2). Experience managing security and compliance programs across broad GRC disciplines within a complex, global public company environment. Experience solving complex, systemic issues that require creative thinking and cross-functional collaboration. Experience managing vendor risk across the full relationship lifecycle, including periodic re-assessments, amendments, scope changes, and continuous monitoring. Excellent verbal and written communication skills with the ability to effectively translate technical risk findings into a clear business context for diverse audiences, including executive leadership. CISA, CISSP, CISM, or other industry certifications are a plus. We expect this position to be filled by 9/13/26. Compensation The successful candidate’s starting pay will fall within the pay range listed below and is determined based on job-related factors including, but not limited to, skills, experience, qualifications, work location, and market conditions. Base salary is localized according to an employee’s work location. Ranges are market-dependent and may be modified in the future. In addition to base salary, the compensation for this role includes opportunities for equity grants. Talk to your recruiter for more information. DoorDash cares about you and your overall well-being. That’s why we offer a comprehensive benefits package to all regular employees, which includes a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act). DoorDash also offers medical, dental, and vision benefits, 11 paid holidays, disability and basic life insurance, family-forming assistance, and a mental health program, among others. To learn more about our benefits, visit our careers page here. See below for paid time off details: For salaried roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year. For hourly roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week), and paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week). The national base pay range for this position within the United States, including Illinois and Colorado.
$132,600—$195,000 USD
About DoorDash At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users—from Dashers to merchant partners to consumers. We are a technology and logistics company that started by enabling door-to-door delivery, and we are looking for team members who can help us go from a company that is known as the place you order food to a company that people turn to for any and all goods. DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more. Our Commitment to Diversity and Inclusion We’re committed to growing and empowering a more inclusive community within our company, industry, and cities. That’s why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel. Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on “protected categories,” we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce – people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination. Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation. If you need any accommodations, please inform your recruiting contact upon initial connection. Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only We used Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provided Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023. We resumed using Covey Scout for Inbound again on June 29, 2024, and ceased using Covey Scout for Inbound on April 30, 2026. The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here:$105k - $120k
...and maturation of the Credit Union’s Third-Party Risk Management (TPRM) program, ensuring alignment with... ...location. What You'll Do Regardless of seniority or role, uphold UNFCU’s mission,... ...a designated alternate to the TPRM analyst in the vendor management review and...SeniorContract workWork at officeLocal area$105k - $120k
United Nations Federal Credit Union seeks a skilled contributor to enhance its Third-Party Risk Management (TPRM) program. The role involves assessing and mitigating risks, ensuring compliance with regulations, and collaborating with various internal teams to support procurement...SeniorWork at office- ...Third-Party Risk Management Senior Analyst (MRA Remediation Support) - VP Level New York City, NY or Tampa, FL (Hybrid) 6-12 Months Contract Web Cam Interview $70-$75/Hr on W2 Third Party Risk is a global, first line team within the Markets Operational Risk & Control...SeniorContract work
- Atlas Search is seeking a Third Party Risk Specialist in New York to enhance its enterprise-wide vendor risk management program. This individual will oversee third-party risk processes across various teams including Compliance and Operations. With over 10 years of experience...Senior
- Radar is hiring a Senior GRC Analyst in New York City to enhance security and compliance programs, focusing on third-party risk and SaaS governance. You will work with various teams to... ...GRC and Trust Lead. A passion for risk management and emerging tech is essential for...Senior
- Citi is seeking a Lead Analyst in New York to manage third-party risk and operational resilience. This role will involve overseeing risk frameworks and providing insights to senior leadership. Candidates should have over 6 years of experience in risk management and a strong...Senior
- ...Senior Analyst, Cybersecurity GRC, New York, NY The Senior Analyst, Cybersecurity GRC will administer... ...processes, and procedures implemented for managed systems and applications, as well as support Third Party Risk Management (TPRM) and Governance and Risk functions in...SeniorWork experience placement
- ...Administer and manage the third-party risk management (TPRM) platform, including workflows, risk tiering, assessments, issue tracking, reporting, and continuous process optimization. Oversee the day-to-day operations of the firm’s TPRM program, including vendor profile...
$150k - $175k
Overview A Career with Point72’s Third-Party Risk Team The Third‑Party Risk Management Team at Point72 is responsible for overseeing the firm’s third‑party risk... ...and manage the third-party risk management (TPRM) platform, including workflows, risk tiering, assessments...Work experience placement- A global risk management firm is seeking an experienced Risk Officer for their New York office... ...drive compliance and risk oversight of third-party relationships, alongside managing strategic... ...deliverables to enhance the firm's TPRM framework. Ideal applicants will have 4...Work at office
- UNFCU is seeking a TPRM professional to contribute to the development and maturation of its Third-Party Risk Management program. The role involves overseeing the end-to-end risk assessment process and collaborating with various internal teams to manage risk effectively...SeniorWork at office
- ...alternative investment platform is seeking a Third Party Risk Specialist to support and enhance its enterprise-wide vendor risk management program. This individual will play a key... ...-paced, collaborative environment with senior cross-functional stakeholders. #J-18808-Ljbffr...
- Radar Labs, Inc. is seeking a Senior GRC Analyst to enhance their security and compliance programs with a focus on third-party risk. This role involves collaborating with multiple... ...SaaS and AI tools, and improving risk management workflows. The ideal candidate has over...SeniorFlexible hours
- ...one of the largest asset managers in Asia and number one among... .... governance and overseas risk management, in... ...Your Role Overview: The Third-Party Risk Management (TPRM) Officer is responsible for... ...indicators) for committees and senior management. Issue Management...Contract workWork at officeLocal areaWork from homeOverseasFlexible hours2 days per week
- A leading global financial institution is looking for a TPRM Specialist in New York to oversee the Third-Party Risk Management program. This hybrid role involves assessing and mitigating risks, tracking compliance, collaborating with various teams, and supporting contract...SeniorContract work
$80.55k - $115k
...Join to apply for the Third Party Risk Analyst : Advisory role at Jack Henry Join to apply for the... ...Jack Henry’s Third-Party Risk Management (TPRM) program, providing strategic oversight... ...Management (TPRM) strategy. Partner with senior leadership to evaluate and enhance...Full timeWork at officeLocal areaRemote work- ...Objectives: Identify and monitor risk from the firm’s verticals to understand... ...focus on creating a proactive risk management culture, embedding risk awareness into... ...Officer to work within the global Third-Party Risk Management (“TPRM”) team in our New York / Boston office...Work experience placementWork at office
$129k - $161k
...high performing talent to deliver against the mission of the Third Party Risk Management organization and achieve strategic success. OVERALL PURPOSE... ...satisfy requirements of the Third-Party Risk Management (TPRM) program, including program projects and initiatives. Responsibilities...SeniorHourly payFull timeWork at officeImmediate startVisa sponsorshipWork visaFlexible hours$185k - $230k
...experienced Sr Account Executive -Third Party Originations to help grow and... ...union. Job Duties Build, manage, and grow relationships with... ...and resolve pipeline risks, conditions, and bottlenecks... ...clients, member support team, and senior leadership. Demonstrated effective...SeniorFull timeRemote work$60.8k - $93.6k
...specific goals, build targeting, and executional recommendations. Manage CTV strategists and managers to ensure best practices are... ...participate in our freelancer/temporary employee medical plan through a third‑party benefits administration system once certain criteria have been...SeniorTemporary workFreelanceWork at officeLocal areaFlexible hours$90.9k - $122.7k
...Hines. Responsibilities The Senior Analyst, Sustainability Reporting, assists... ...across fund and asset managers, development project managers... ...process areas or required third‑party reporting frameworks: investment... ..., taking calculated risks aligned with our convictions...SeniorWork at officeLocal areaRemote work1 day per week- Commercial real estate finance platform seeking a Senior Analyst to support HUD multifamily underwriting, analyze property-level financials... ...new construction, bridge loans, and refinancing. Review third-party reports such as appraisals, market studies, environmental reports...Senior
$97k - $132k
...makes you unique is welcome; join us and let’s build what’s next – together! As our new Third Party Risk Analyst , you will play a critical role in protecting Anaplan by managing the risks associated with our third‑party suppliers and reporting to our legal team. You...$109k - $124.4k
Senior Business Analyst - Technology Risk Management Join to apply for the Senior Business Analyst - Technology Risk Management role at Capital One Senior... ...provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other...SeniorFull timeTemporary workPart timeWork at officeLocal area$75k - $100k
...available at Who are we hiring? The Senior Analyst will be responsible for assisting with... ..., equity investments and the management of existing portfolio of equity investments... ...coordinate external communications with key third-party partners and advisors as well internal...SeniorFull timeWork at officeLocal areaFlexible hoursShift work$177.7k - $202.8k
...Senior Manager, Risk Management - Policy Analyst Capital One is one of the fastest growing organizations in the world today, powered by our passion for... ..., endorse nor guarantee and is not liable for third-party products, services, educational tools or other information...SeniorFull timePart timeLocal area- Danaher Corporation is seeking a Senior Analyst Materials / Planning to manage inventories for Third Party Operations across North America. The role reports to the Manager of Finished Goods Planning and will be fully remote to cover North America. Responsibilities include...SeniorRemote job
- ...Strategy team works directly with Agoda’s management team to provide business critical... ...level. You will get to work closely with senior executives across functions - such as product... ...of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited...SeniorFull timeWork experience placementLive inWorldwideRelocation
$110k - $230k
JOB TITLE Senior Actuary EMPLOYER A-CAP Services LLC DEPARTMENT Finance REPORTS... ...is a leading provider of capital and third-party asset management solutions. Through our synergistic platform... ...through the industry-leading risk-adjusted returns we achieve, and the innovative...SeniorFull timeTemporary workImmediate startWork visaMonday to Friday- ...the secure identity company of the future. As a Cybersecurity Risk Analyst II, you’ll strengthen CLEAR's security posture by identifying, assessing, and reducing cyber risk across our products and third‑party ecosystem. Partner with Engineering, Product, Privacy, Legal,...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Analyst, Third-Party Risk Management (TPRM). Be the first to apply!
- senior quantitative risk analyst New York, NY
- information risk analyst New York, NY
- quantitative risk analyst New York, NY
- it risk analyst New York, NY
- risk consultant New York, NY
- operational risk consultant New York, NY
- third party risk analyst New York, NY
- risk analyst New York, NY
- risk analyst intern New York, NY
- risk officer New York, NY

