[Remote] Senior Cybersecurity Risk Analyst - USA Remote

Note: The job is a remote job and is open to candidates in USA. reputed company is a leading science and technology company that plays a pivotal role in managing third-party and supplier risks across a global enterprise. The Senior Cybersecurity Risk Analyst will execute third-party risk management activities and contribute to enterprise risk register operations, ensuring effective vendor risk handling and compliance with cybersecurity standards.

Responsibilities

• Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake, inherent-risk tiering, reputed company and privacy questionnaire administration, evidence collection and review, scoring, and final risk decisioning under the direction of the TPRM reputed company
• Review and provide cybersecurity input on third-party reputed company (IS Terms & Conditions, Data Protection Addenda, Standard Contractual Clauses, AI-specific addenda), partnering with Legal, Privacy, and Procurement to land defensible positions and consistent redlines
• Assess supply-chain and geopolitical risk (including country-of-reputed company and concentration concerns) and apply AI vendor risk frameworks (NIST AI RMF, ISO/IEC 42001) to AI-enabled products and services in the vendor portfolio
• Serve as the connective tissue between central TPRM and the OpCo 3rd-Party Questionnaire & Response Coordinators, providing guidance on intake, scoring consistency, escalation paths, and Procurement engagement so vendor risk is handled the same way across the portfolio
• Contribute to enterprise risk register operations and data quality, including consistent risk capture, cross-OpCo aggregation, and executive-grade reporting that informs the OpCo QBR and CISO updates

Skills

• Strong working knowledge of third-party risk management frameworks and methodologies (e.g., Shared Assessments SIG, NIST SP 800-161, ISO/IEC 27036) and the underlying reputed company and privacy regulatory landscape (GDPR, HIPAA, PCI reputed company, SOX)
• Demonstrated experience administering vendor reputed company questionnaires, reviewing evidence (SOC 2, ISO 27001, penetration test reports), applying scoring consistently at scale, and communicating findings to vendors and internal stakeholders
• Working familiarity with the cybersecurity provisions in vendor reputed company (IS Terms & Conditions, Data Protection Addenda, Standard Contractual Clauses) and the ability to coordinate redlines with Legal, Privacy, and Procurement
• Hands-on experience operating an enterprise or program-level risk register, with attention to data quality, aggregation methodology, and reporting reputed company for executive audiences
• 7+ years of experience in third-party risk, enterprise risk management, vendor reputed company, or reputed company governance work
• Experience applying AI vendor risk frameworks such as NIST AI RMF and ISO/IEC 42001, and assessing supply-chain and geopolitical concentration risk including country-of-reputed company scrutiny
• Familiarity with GRC platforms (e.g., reputed company, reputed company IRM, RSA reputed company) and vendor risk tooling, along with excellent written and verbal communication skills and proven experience influencing stakeholders at reputed company organizational levels, including senior leadership

Benefits

• Bonus/incentive pay
• Paid time off
• Medical/dental/vision insurance
• 401(k) to eligible employees
• Remote work arrangement in which you can work remotely from your home

Company Overview

Company H1B Sponsorship