Overview

Sr Third-Party Risk Analyst Jobs in United States at Elevait Solutions

Title: Sr Third-Party Risk Analyst

Company: Elevait Solutions

Location: United States

Senior Third-Party Risk Analyst

Top 3 Skills

  • Third-Party Risk Management (TPRM) hands-on vendor assessment lifecycle from intake through remediation
  • Security framework fluency SOC 2, ISO 27001, NIST CSF, FedRAMP, PCI DSS
  • Risk communication ability to translate complex findings for both technical teams and executive stakeholders

What You'll Do

  • Lead end-to-end risk assessments for new and existing vendors, covering cybersecurity posture and regulatory compliance
  • Review vendor-submitted security questionnaires, SOC 2 reports, ISO certifications, and audit documentation
  • Coordinate directly with vendors to validate security controls and drive remediation timelines
  • Classify vendors into risk tiers and maintain a live vendor risk database
  • Partner with Procurement, Legal, Privacy, and InfoSec on contract reviews and supplier security standards
  • Monitor ongoing supplier risk profiles and flag changes that require escalation
  • Identify automation opportunities within the assessment workflow to reduce manual overhead
  • Contribute to broader InfoSec risk initiatives beyond the vendor program

What We Need From You

  • 6+ years in third-party risk assessment, vendor governance, or information security risk management
  • Working knowledge of ISO 27001/2, SOC 2, NIST CSF, FedRAMP, and PCI DSS
  • Experience managing multiple concurrent vendor assessments without dropping the ball
  • Strong written and verbal communication you can brief a CISO and a procurement manager in the same day
  • Bachelor's degree in Cybersecurity, Information Security, Risk Management, Computer Science, or a related field

Bonus If You Have

  • Active certifications: CISA, CISM, CISSP, or CRISC
  • Exposure to ISO 27017/27018 cloud security extensions
  • Experience with Coupa, OneTrust, JIRA, or Coverbase

A Few Things to Know

  • You'll be expected to build cross-functional relationships across multiple internal teams
  • This role sits within a dedicated TPRM function you won't be context-switching into unrelated IT work
Upload your CV/resume or any other relevant file. Max. file size: 800 MB.