Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Third Party Risk & Controls Specialist [Remote]

$95.6k - $143.4k
Full-time

jobgether

United States
  • Remote job

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Third Party Risk & Controls Specialist based in the United States.

This role focuses on strengthening enterprise security by assessing third-party applications, vendor ecosystems, and emerging technologies.
The position combines technical security expertise with risk management, identity governance, and application security practices.
You will evaluate security controls, integration architectures, and access models to help reduce organizational risk.
The role provides the opportunity to influence security strategies around SaaS platforms, APIs, AI technologies, and enterprise applications.
You will collaborate with cross-functional teams including security, procurement, legal, engineering, and business stakeholders.
This is a remote opportunity designed for professionals who thrive in complex, high-impact security environments.

Accountabilities:

The Senior Third Party Risk & Controls Specialist will be responsible for evaluating and improving security across external applications, vendors, and enterprise integrations while supporting broader identity and access management initiatives.

  • Conduct in-depth technical security assessments of third-party applications, vendors, and service providers beyond standard questionnaire-based reviews.
  • Analyze API security, authentication mechanisms, data flows, and integration architectures to identify potential risks and vulnerabilities.
  • Assess security considerations related to generative AI technologies, including model risks, data privacy concerns, and information exposure.
  • Review security documentation, architecture diagrams, and technical controls to provide actionable risk recommendations and mitigation strategies.
  • Evaluate enterprise application risks, including Shadow IT discovery, browser extensions, and unsanctioned software usage.
  • Support identity and access management initiatives involving role-based access control, least privilege principles, application permissions, and identity governance.
  • Review OAuth grants, SAML configurations, API keys, service accounts, certificates, and other non-human identity controls.
  • Collaborate with procurement, legal, engineering, and business teams to support vendor onboarding, monitoring, and security improvement efforts.
  • Contribute to security reviews, compliance initiatives, and technical due diligence activities across enterprise systems.
  • Communicate findings clearly and help stakeholders implement practical security guardrails.

Requirements:

The ideal candidate brings a strong background in application security, third-party risk management, cloud security, and identity security, with the ability to evaluate complex technical environments and communicate effectively with both technical and business teams.

  • 5+ years of experience in application security, vendor risk management, cloud security, cybersecurity, or a related discipline.
  • Strong understanding of security frameworks such as NIST CSF, ISO 27001, SOC 2, and related compliance standards.
  • Experience assessing API security, including REST, GraphQL, authentication, and authorization mechanisms.
  • Solid knowledge of IAM concepts including RBAC, ABAC, least privilege access, OAuth 2.0, and SAML.
  • Experience managing risks related to non-human identities, including service accounts, API tokens, and certificates.
  • Understanding of SaaS architectures, enterprise applications, integration security, and access control models.
  • Familiarity with generative AI security risks and emerging threats affecting AI-powered applications.
  • Experience supporting technical due diligence, supplier security programs, or third-party risk initiatives is preferred.
  • Strong analytical, organizational, prioritization, and project management skills in a fast-paced environment.
  • Excellent written and verbal communication skills with the ability to collaborate across multiple teams.
  • Knowledge of privacy and compliance requirements such as GDPR, CCPA, or HIPAA is a plus.
  • Relevant security certifications such as CISSP, CCSP, CISM, or CRISC are advantageous.

Benefits:

  • Competitive annual compensation range of approximately $95,600 - $143,400 USD , depending on experience, qualifications, and job-related factors.
  • Comprehensive benefits package designed to support employee health, financial wellbeing, and professional growth.
  • Flexible remote work environment with opportunities for collaboration and team connection.
  • Access to professional development resources and career growth opportunities.
  • Potential eligibility for equity participation through company stock programs.
  • Supportive workplace culture focused on transparency, innovation, inclusion, and continuous learning.
  • Additional benefits and perks aligned with employee wellbeing and long-term success.

How Jobgether works:

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the Senior Third Party Risk & Controls Specialist [Remote] in United States vacancy
  • $95.6k - $143.4k

    Role Description HubSpot is seeking a Senior Third Party Risk & Integration Security Engineer to join our expanding IAM, Third Party Risk Management...  ...will conduct technical assessments of vendor security controls while also supporting broader software management and... 
    Senior
    Full time
    For contractors
    Remote work

    HubSpot

    Remote
    7 days ago
  • $115k - $130k

     ...Description We are looking for a Sr. Third Party Risk Specialist to own and evolve PNM’s third-party risk...  ...for someone who can operate at a senior level—balancing expert risk analysis,...  ...operationalization of third party security risk controls ~Communicate complex vendor risk... 
    Senior
    Full time
    Work from home
    Flexible hours

    PayNearMe, Inc.

    Remote
    7 days ago
  • $95.6k - $162.4k

    Northern Trust Corp in Chicago is looking for a Senior Consultant in Third Party Risk Management. The role involves overseeing governance, ensuring compliance with risk policies, and supporting audit engagements. Candidates should possess strong analytical skills and understanding... 
    Senior
    Full time

    Northern Trust Corp

    Chicago, IL
    4 days ago
  • $26 - $38 per hour

     ...Job Title Our client is seeking a Senior Analyst, Third Party Risk Management to join their team! This position is remote. Core Responsibilities...  ...assist with the implementation and maturation of related controls and workflows Partner cross-functionally with... 
    Senior
    Local area
    Remote work

    KellyMitchell Group

    United States
    10 hours ago
  •  ...Technologist in Hartford, Connecticut. In this role, you will be responsible for analyzing and managing cyber-related risks associated with third-party vendors. You will need a Bachelor’s Degree in a STEM field and five years of relevant cybersecurity experience. A strong... 
    Senior

    THE TRAVELERS INDEMNITY COMPANY

    Hartford, CT
    1 day ago
  • $105k - $120k

     ...development and maturation of the Credit Union’s Third-Party Risk Management (TPRM) program, ensuring...  ...location. What You'll Do Regardless of seniority or role, uphold UNFCU’s mission, core...  ...reporting mechanisms, and the overall control environment driving efficiency and... 
    Senior
    Contract work
    Work at office
    Local area

    UNFCU

    New York, NY
    2 days ago
  •  ...Third-Party Risk Management Senior Analyst (MRA Remediation Support) - VP Level New York City, NY or Tampa, FL (Hybrid) 6-12 Months Contract Web...  ..., first line team within the Markets Operational Risk & Control group at Client and is responsible for developing, implementing... 
    Senior
    Contract work

    Syntricate Technologies

    New York, NY
    4 days ago
  • Atlas Search is seeking a Third Party Risk Specialist in New York to enhance its enterprise-wide vendor risk management program. This individual will oversee third-party risk processes across various teams including Compliance and Operations. With over 10 years of experience... 
    Senior

    Atlas Search

    New York, NY
    1 day ago
  •  ...this position is to support the assessment and oversight of Third‑Party Risk, as a component of Operational Risk, and to enhance the Bank'...  ...This includes analysis of processes to identify key risks and controls associated with third‑party relationships as well as aggregate... 
    Senior
    Work at office
    Local area

    OceanFirst Bank

    Red Bank, NJ
    17 hours ago
  •  ...drivers. About the Role The Global Governance, Risk, and Compliance (GRC) team is looking for a technical, security-focused Third-Party Risk Management (TPRM) Sr. Analyst. If you...  ...implementing & monitoring robust technical controls and ensuring strict compliance through... 
    Senior
    Hourly pay
    Contract work
    Work at office
    Local area
    Remote work
    Flexible hours

    DoorDash USA

    Milwaukee, WI
    10 hours ago
  •  ...As the Third Party Risk Sr Analyst , you will manage vendor issues, complete quality assurance...  ...adequacy and effectiveness of the test control processes in place. The role holder delivers...  ...include Collaborating with senior management to influence key decisions.... 
    Senior
    Work at office
    Local area
    Remote work

    Citizens Bank

    Providence, RI
    17 hours ago
  •  ...Administer and manage the third-party risk management (TPRM) platform, including workflows, risk tiering, assessments, issue tracking, reporting...  ...projects and initiatives, including process improvements, control enhancements, reporting upgrades, and program scalability... 

    Atlas Search

    New York, NY
    17 hours ago
  • $70k - $90k

     ...iCapital is looking to hire a Vendor Risk Specialist to join the Information Security team....  ...a small team to evaluate the risk of third-party vendors. Vendor risk includes information...  ...including evaluation of vendor controls, practices, process enhancements, and... 
    Full time
    Work at office
    Remote work

    iCapital

    Salt Lake City, UT
    17 hours ago
  • $60k - $121.3k

     ...A leading regional financial institution is seeking a Senior Third Party Risk Analyst in Lake Elmo, MN. In this role, you will execute third-party risk management activities, focusing on compliance and relationship management with vendors. The ideal candidate will have... 
    Senior

    Old National Bank

    Lake Elmo, MN
    1 day ago
  •  ...First Tech Federal Credit Union in Hillsboro, OR seeks a Senior Third-Party Risk Management Analyst to ensure compliance and perform risk assessments on third-party relationships. The role involves monitoring third-party activities and providing recommendations for compliance... 
    Senior

    First Tech Federal Credit Union

    Hillsboro, OR
    17 hours ago
  •  ...OceanFirst Bank is looking for a Third-Party Risk Management professional based in Red Bank, NJ. You will be responsible for overseeing third-party risk assessments, ensuring compliance, and preparing risk reports. The ideal candidate has a Bachelor's degree in Supply... 
    Senior

    RadNet

    Red Bank, NJ
    17 hours ago
  •  ...Citizens Bank is seeking a Third Party Risk Sr Analyst responsible for managing vendor assessment reviews and ensuring adherence to company policies. This role involves close collaboration with business leaders to evaluate vendor risks effectively. Applicants should possess... 
    Senior
    Work at office
    Remote work

    Citizens Bank

    Providence, RI
    17 hours ago
  • Northern Trust is seeking a professional to support Third-Party Risk governance within the 1st Line of Defence. You will work with Vendor Managers...  ...actionable guidance, and escalate concerning trends to Senior Management. Requirements include a college degree and 5-7... 
    Senior

    PVH (Tommy Hilfiger/Calvin Klein)

    Chicago, IL
    1 day ago
  •  ...Northern Trust Company in Tempe, Arizona as part of the Chief Procurement Officer's team for Third Party Management. This role is focused on design and execution of third party risk management programs aligned with regulatory requirements. Key responsibilities include... 
    Senior

    001 The Northern Trust Company

    Tempe, AZ
    2 days ago
  • Fifth Third Bank is seeking a Senior Analyst, Sourcing in Cincinnati, Ohio. The role focuses on managing third-party risk and facilitating the onboarding process for vendor relationships. Candidates should have a strong background in Vendor Management and excellent communication... 
    Senior

    Dormont Manufacturing Co

    Cincinnati, OH
    8 hours ago
  • OceanFirst Bank in Red Bank, NJ is seeking a professional to manage and assess third-party risk as part of their Operational Risk team. The ideal candidate will be responsible for analyzing vendor performance, ensuring compliance with regulatory standards, and creating... 
    Senior
    Local area

    OceanFirst Bank

    Red Bank, NJ
    17 hours ago
  • $105k - $120k

    United Nations Federal Credit Union seeks a skilled contributor to enhance its Third-Party Risk Management (TPRM) program. The role involves assessing and mitigating risks, ensuring compliance with regulations, and collaborating with various internal teams to support procurement... 
    Senior
    Work at office

    United Nations Federal Credit Union

    New York, NY
    4 days ago
  • Gilder Search Group is looking for a Sr. GRC Analyst focused on Third-Party & Human Risk Management in St. Louis, Missouri. The role ensures all human and third-party risks to Clayco are identified and treated appropriately. Key responsibilities include owning the TPRM... 
    Senior

    Gilder Search Group

    Saint Louis, MO
    4 days ago
  • Gilder Search Group is looking for a Sr. GRC Analyst focusing on Third-Party & Human Risk Management in Atlanta, Georgia. This role involves risk analysis, compliance assessments, vendor management, and developing security awareness training. The ideal candidate has 6-... 
    Senior

    Gilder Search Group

    Atlanta, GA
    4 days ago
  • Sky Mavis is seeking a Sr. GRC Analyst for third-party and human risk management in Tulsa, Oklahoma. This role focuses on identifying and mitigating risks from external vendors while implementing a strong security awareness program to cultivate a security-first culture... 
    Senior

    Sky Mavis

    Tulsa, OK
    1 day ago
  • Sky Mavis is seeking a Senior GRC Analyst focused on Third-Party and Human Risk Management in St. Louis, Missouri. This role requires 6-8+ years of experience in Risk Assessment and Information Security, with strong analytical skills. You will lead the Vendor Risk Management... 
    Senior

    Sky Mavis

    Saint Louis, MO
    1 day ago
  • Radar is hiring a Senior GRC Analyst in New York City to enhance security and compliance programs, focusing on third-party risk and SaaS governance. You will work with various teams to evaluate vendors, shape security strategies, and improve workflows, reporting to the... 
    Senior

    Radar

    New York, NY
    19 days ago
  • Citi is seeking a Lead Analyst in New York to manage third-party risk and operational resilience. This role will involve overseeing risk frameworks and providing insights to senior leadership. Candidates should have over 6 years of experience in risk management and a strong... 
    Senior

    Citi

    New York, NY
    4 days ago
  • Sky Mavis seeks a Sr. GRC Analyst in Phoenix, AZ, to manage Third-Party and Human Risk Management. This analytical role involves vendor risk assessment, security awareness training, and compliance evaluation, ensuring holistic risk management. Candidates should have significant... 
    Senior

    Sky Mavis

    Phoenix, AZ
    1 day ago
  • Summary Pinnacle Group is seeking a Risk Specialist to support third-party IT risk management and technology vendor assessment activities. This role...  ...vendor assessments focused on technology, security, and IT control environments. Evaluate vendor risk posture by... 

    Pinnacle Group, Inc.

    Dallas, TX
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Third Party Risk & Controls Specialist [Remote]. Be the first to apply!