Job Description
United States • Remote
Full-time
Job Summary
As a key member of the Digital Technology Risk Assurance team, the Technology Risk Analyst will leverage their practical knowledge and experience to independently assess and manage technology risks associated with third-party vendors. This role requires a proactive individual capable of tackling complex challenges with minimal guidance, contributing significantly to the organization’s overall risk posture.
We are unable to sponsor or take over sponsorship of an employment visa for this position now or in the future. This role requires eligibility to work in the US without sponsorship.
Essential Functions
- Comprehensive Vendor Evaluation: Conduct in-depth evaluations of third-party vendors and service providers, encompassing their financial stability, operational performance, and adherence to regulatory compliance requirements.
- Risk Identification and Mitigation: Proactively identify potential technology risks and vulnerabilities within third-party relationships, subsequently developing and implementing effective mitigation strategies and plans.
- Cross-Functional Collaboration and Communication: Foster strong collaborative relationships with internal teams, including procurement, legal, IT, and compliance, to ensure a unified and consistent approach to third-party risk management. Communicate and interact effectively and professionally with all stakeholders, including co-workers, management, business partners, and customers.
- Compliance and Standards Alignment: Ensure all third-party risk management practices are meticulously aligned with established industry standards, regulatory requirements, and the organization’s strategic goals.
- Continuous Monitoring and Oversight: Implement and maintain continuous monitoring of third-party performance and compliance through regular audits, reviews, and performance assessments.
- Documentation and Record Keeping: Maintain thorough, accurate, and up-to-date records pertaining to all third-party risk management processes and activities.
- Organizational Awareness and Best Practices: Actively contribute to raising awareness of critical third-party risk issues and promote best practices across the organization.
Qualifications
Required Experience:
- 2–4 years in technology risk, cybersecurity, audit, compliance, or third-party risk management.
- Experience performing vendor risk assessments, due diligence, and ongoing monitoring.
- Working knowledge of risk frameworks (e.g., NIST, ISO 27001).
- Strong communication and stakeholder management skills.
- Analytical and detail-oriented with the ability to identify and address risk gaps.
- Familiarity with GRC or vendor risk management tools.
Preferred Experience:
- 3+ years of third-party risk management experience, including process or framework improvement.
- Professional certifications (CISA, CISM, CRISC, CISSP, CTPRA, etc.).
- Experience in regulated industries or familiarity with third-party risk regulations.
- Understanding of IT and cybersecurity concepts (cloud, network, application security).
- Experience automating TPRM workflows or using GRC platforms (e.g., ServiceNow).
- Ability to work across teams such as Legal, Procurement, and Technology.
- Experience managing the full vendor risk lifecycle (onboarding through offboarding).