Senior Third Party Risk & Controls Specialist [Remote]
$95.6k - $143.4kjobgether
- Remote job
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Third Party Risk & Controls Specialist based in the United States.
This role focuses on strengthening enterprise security by assessing third-party applications, vendor ecosystems, and emerging technologies.
The position combines technical security expertise with risk management, identity governance, and application security practices.
You will evaluate security controls, integration architectures, and access models to help reduce organizational risk.
The role provides the opportunity to influence security strategies around SaaS platforms, APIs, AI technologies, and enterprise applications.
You will collaborate with cross-functional teams including security, procurement, legal, engineering, and business stakeholders.
This is a remote opportunity designed for professionals who thrive in complex, high-impact security environments.
Accountabilities:
The Senior Third Party Risk & Controls Specialist will be responsible for evaluating and improving security across external applications, vendors, and enterprise integrations while supporting broader identity and access management initiatives.
- Conduct in-depth technical security assessments of third-party applications, vendors, and service providers beyond standard questionnaire-based reviews.
- Analyze API security, authentication mechanisms, data flows, and integration architectures to identify potential risks and vulnerabilities.
- Assess security considerations related to generative AI technologies, including model risks, data privacy concerns, and information exposure.
- Review security documentation, architecture diagrams, and technical controls to provide actionable risk recommendations and mitigation strategies.
- Evaluate enterprise application risks, including Shadow IT discovery, browser extensions, and unsanctioned software usage.
- Support identity and access management initiatives involving role-based access control, least privilege principles, application permissions, and identity governance.
- Review OAuth grants, SAML configurations, API keys, service accounts, certificates, and other non-human identity controls.
- Collaborate with procurement, legal, engineering, and business teams to support vendor onboarding, monitoring, and security improvement efforts.
- Contribute to security reviews, compliance initiatives, and technical due diligence activities across enterprise systems.
- Communicate findings clearly and help stakeholders implement practical security guardrails.
Requirements:
The ideal candidate brings a strong background in application security, third-party risk management, cloud security, and identity security, with the ability to evaluate complex technical environments and communicate effectively with both technical and business teams.
- 5+ years of experience in application security, vendor risk management, cloud security, cybersecurity, or a related discipline.
- Strong understanding of security frameworks such as NIST CSF, ISO 27001, SOC 2, and related compliance standards.
- Experience assessing API security, including REST, GraphQL, authentication, and authorization mechanisms.
- Solid knowledge of IAM concepts including RBAC, ABAC, least privilege access, OAuth 2.0, and SAML.
- Experience managing risks related to non-human identities, including service accounts, API tokens, and certificates.
- Understanding of SaaS architectures, enterprise applications, integration security, and access control models.
- Familiarity with generative AI security risks and emerging threats affecting AI-powered applications.
- Experience supporting technical due diligence, supplier security programs, or third-party risk initiatives is preferred.
- Strong analytical, organizational, prioritization, and project management skills in a fast-paced environment.
- Excellent written and verbal communication skills with the ability to collaborate across multiple teams.
- Knowledge of privacy and compliance requirements such as GDPR, CCPA, or HIPAA is a plus.
- Relevant security certifications such as CISSP, CCSP, CISM, or CRISC are advantageous.
Benefits:
- Competitive annual compensation range of approximately $95,600 - $143,400 USD , depending on experience, qualifications, and job-related factors.
- Comprehensive benefits package designed to support employee health, financial wellbeing, and professional growth.
- Flexible remote work environment with opportunities for collaboration and team connection.
- Access to professional development resources and career growth opportunities.
- Potential eligibility for equity participation through company stock programs.
- Supportive workplace culture focused on transparency, innovation, inclusion, and continuous learning.
- Additional benefits and perks aligned with employee wellbeing and long-term success.
How Jobgether works:
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
#LI-CL1
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
$95.6k - $143.4k
Role Description HubSpot is seeking a Senior Third Party Risk & Integration Security Engineer to join our expanding IAM, Third Party Risk Management... ...will conduct technical assessments of vendor security controls while also supporting broader software management and...SeniorFull timeFor contractorsRemote work$115k - $130k
...Description We are looking for a Sr. Third Party Risk Specialist to own and evolve PNM’s third-party risk... ...for someone who can operate at a senior level—balancing expert risk analysis,... ...operationalization of third party security risk controls ~Communicate complex vendor risk...SeniorFull timeWork from homeFlexible hours$95.6k - $162.4k
Northern Trust Corp in Chicago is looking for a Senior Consultant in Third Party Risk Management. The role involves overseeing governance, ensuring compliance with risk policies, and supporting audit engagements. Candidates should possess strong analytical skills and understanding...SeniorFull time$26 - $38 per hour
...Job Title Our client is seeking a Senior Analyst, Third Party Risk Management to join their team! This position is remote. Core Responsibilities... ...assist with the implementation and maturation of related controls and workflows Partner cross-functionally with...SeniorLocal areaRemote work- ...Technologist in Hartford, Connecticut. In this role, you will be responsible for analyzing and managing cyber-related risks associated with third-party vendors. You will need a Bachelor’s Degree in a STEM field and five years of relevant cybersecurity experience. A strong...Senior
$105k - $120k
...development and maturation of the Credit Union’s Third-Party Risk Management (TPRM) program, ensuring... ...location. What You'll Do Regardless of seniority or role, uphold UNFCU’s mission, core... ...reporting mechanisms, and the overall control environment driving efficiency and...SeniorContract workWork at officeLocal area- ...Third-Party Risk Management Senior Analyst (MRA Remediation Support) - VP Level New York City, NY or Tampa, FL (Hybrid) 6-12 Months Contract Web... ..., first line team within the Markets Operational Risk & Control group at Client and is responsible for developing, implementing...SeniorContract work
- Atlas Search is seeking a Third Party Risk Specialist in New York to enhance its enterprise-wide vendor risk management program. This individual will oversee third-party risk processes across various teams including Compliance and Operations. With over 10 years of experience...Senior
- ...this position is to support the assessment and oversight of Third‑Party Risk, as a component of Operational Risk, and to enhance the Bank'... ...This includes analysis of processes to identify key risks and controls associated with third‑party relationships as well as aggregate...SeniorWork at officeLocal area
- ...drivers. About the Role The Global Governance, Risk, and Compliance (GRC) team is looking for a technical, security-focused Third-Party Risk Management (TPRM) Sr. Analyst. If you... ...implementing & monitoring robust technical controls and ensuring strict compliance through...SeniorHourly payContract workWork at officeLocal areaRemote workFlexible hours
- ...As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality assurance... ...adequacy and effectiveness of the test control processes in place. The role holder delivers... ...include Collaborating with senior management to influence key decisions....SeniorWork at officeLocal areaRemote work
- ...Administer and manage the third-party risk management (TPRM) platform, including workflows, risk tiering, assessments, issue tracking, reporting... ...projects and initiatives, including process improvements, control enhancements, reporting upgrades, and program scalability...
$70k - $90k
...iCapital is looking to hire a Vendor Risk Specialist to join the Information Security team.... ...a small team to evaluate the risk of third-party vendors. Vendor risk includes information... ...including evaluation of vendor controls, practices, process enhancements, and...Full timeWork at officeRemote work$60k - $121.3k
...A leading regional financial institution is seeking a Senior Third Party Risk Analyst in Lake Elmo, MN. In this role, you will execute third-party risk management activities, focusing on compliance and relationship management with vendors. The ideal candidate will have...Senior- ...First Tech Federal Credit Union in Hillsboro, OR seeks a Senior Third-Party Risk Management Analyst to ensure compliance and perform risk assessments on third-party relationships. The role involves monitoring third-party activities and providing recommendations for compliance...Senior
- ...OceanFirst Bank is looking for a Third-Party Risk Management professional based in Red Bank, NJ. You will be responsible for overseeing third-party risk assessments, ensuring compliance, and preparing risk reports. The ideal candidate has a Bachelor's degree in Supply...Senior
- ...Citizens Bank is seeking a Third Party Risk Sr Analyst responsible for managing vendor assessment reviews and ensuring adherence to company policies. This role involves close collaboration with business leaders to evaluate vendor risks effectively. Applicants should possess...SeniorWork at officeRemote work
- Northern Trust is seeking a professional to support Third-Party Risk governance within the 1st Line of Defence. You will work with Vendor Managers... ...actionable guidance, and escalate concerning trends to Senior Management. Requirements include a college degree and 5-7...Senior
- ...Northern Trust Company in Tempe, Arizona as part of the Chief Procurement Officer's team for Third Party Management. This role is focused on design and execution of third party risk management programs aligned with regulatory requirements. Key responsibilities include...Senior
- Fifth Third Bank is seeking a Senior Analyst, Sourcing in Cincinnati, Ohio. The role focuses on managing third-party risk and facilitating the onboarding process for vendor relationships. Candidates should have a strong background in Vendor Management and excellent communication...Senior
- OceanFirst Bank in Red Bank, NJ is seeking a professional to manage and assess third-party risk as part of their Operational Risk team. The ideal candidate will be responsible for analyzing vendor performance, ensuring compliance with regulatory standards, and creating...SeniorLocal area
$105k - $120k
United Nations Federal Credit Union seeks a skilled contributor to enhance its Third-Party Risk Management (TPRM) program. The role involves assessing and mitigating risks, ensuring compliance with regulations, and collaborating with various internal teams to support procurement...SeniorWork at office- Gilder Search Group is looking for a Sr. GRC Analyst focused on Third-Party & Human Risk Management in St. Louis, Missouri. The role ensures all human and third-party risks to Clayco are identified and treated appropriately. Key responsibilities include owning the TPRM...Senior
- Gilder Search Group is looking for a Sr. GRC Analyst focusing on Third-Party & Human Risk Management in Atlanta, Georgia. This role involves risk analysis, compliance assessments, vendor management, and developing security awareness training. The ideal candidate has 6-...Senior
- Sky Mavis is seeking a Sr. GRC Analyst for third-party and human risk management in Tulsa, Oklahoma. This role focuses on identifying and mitigating risks from external vendors while implementing a strong security awareness program to cultivate a security-first culture...Senior
- Sky Mavis is seeking a Senior GRC Analyst focused on Third-Party and Human Risk Management in St. Louis, Missouri. This role requires 6-8+ years of experience in Risk Assessment and Information Security, with strong analytical skills. You will lead the Vendor Risk Management...Senior
- Radar is hiring a Senior GRC Analyst in New York City to enhance security and compliance programs, focusing on third-party risk and SaaS governance. You will work with various teams to evaluate vendors, shape security strategies, and improve workflows, reporting to the...Senior
- Citi is seeking a Lead Analyst in New York to manage third-party risk and operational resilience. This role will involve overseeing risk frameworks and providing insights to senior leadership. Candidates should have over 6 years of experience in risk management and a strong...Senior
- Sky Mavis seeks a Sr. GRC Analyst in Phoenix, AZ, to manage Third-Party and Human Risk Management. This analytical role involves vendor risk assessment, security awareness training, and compliance evaluation, ensuring holistic risk management. Candidates should have significant...Senior
- Summary Pinnacle Group is seeking a Risk Specialist to support third-party IT risk management and technology vendor assessment activities. This role... ...vendor assessments focused on technology, security, and IT control environments. Evaluate vendor risk posture by...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Third Party Risk & Controls Specialist [Remote]. Be the first to apply!
- senior quantitative risk analyst United States
- information risk analyst United States
- quantitative risk analyst United States
- it risk analyst United States
- risk consultant United States
- operational risk consultant United States
- third party risk analyst United States
- risk analyst United States
- risk analyst intern United States
- risk officer United States



