Source Job

US Unlimited PTO 16w maternity 16w paternity

  • Drive the continuous maturation of the TPRM program, transforming it into a proactive security partnership.
  • Architect and govern the security strategy for the BPO and contingent worker ecosystem.
  • Design and build process automations to optimize and scale the TPRM program for fast-moving priorities.

Risk Assessment Cloud Security AI Governance Compliance

20 jobs similar to Senior Analyst, Third-Party Risk Management (TPRM)

Jobs ranked by similarity.

$150,000–$170,000/yr
US Unlimited PTO

  • Lead the governance, risk, and compliance function across security policies, standards, risk management, audits, and third-party risk.
  • Own audit readiness and ongoing compliance programs across frameworks such as SOC 2, ISO 27001, GovRAMP, PCI DSS, HIPAA, NIST CSF, and more.
  • Manage third-party and supply chain risk management, including vendor security reviews, due diligence, and remediation tracking.

Accela provides government software solutions to improve efficiency, increase citizen engagement, and enable thriving communities. They have been an industry leader for nearly 20 years and are committed to diversity, equity, and inclusion.

$180,000–$215,000/yr
US Unlimited PTO

  • Lead the direction for detecting and responding to AI threats using creative solutions.
  • Collaborate cross-functionally with engineering, IT, legal, and product teams.
  • Manage globally distributed security teams with a focus on data and execution.

Gainsight is the AI-powered retention engine behind the world's most customer-centric companies. With over 2,000 customers and a culture focused on collaboration and human-first values, we offer stability and support for our team.

US 5w PTO

  • Take ownership of building and scaling comprehensive security, privacy, and compliance programs that protect customer data.
  • Lead compliance initiatives such as SOC 2 Type 2 audits and evaluate additional frameworks like ISO 27001 and HIPAA.
  • Build scalable automated security processes by replacing manual tasks with scripts, APIs, and AI-powered solutions.

Our partner is a technology company focused on building secure, scalable systems. They operate with a remote, collaborative culture emphasizing ownership, transparency, and continuous improvement, with around 50–300 employees.

$127,000–$325,000/yr
US

  • Lead end-to-end customer technical success for enterprise data security and AI governance solutions.
  • Drive technical account strategy and conduct deep assessments across DSPM, privacy, and data security.
  • Engage executive stakeholders to communicate risk posture, progress, and expansion opportunities.

Jobgether is an AI-powered job matching platform that connects candidates with hiring companies. As a growing company, they emphasize a fast, objective hiring process and maintain a culture focused on efficiency and innovation.

US 24w maternity 24w paternity

  • Own the end-to-end GRC strategy and roadmap, driving compliance maturity and reducing audit risk.
  • Design and implement policy-as-code systems, translating compliance frameworks into enforceable code.
  • Lead full audit cycles, manage evidence collection, and architect GRC platform strategy for continuous compliance.

Smartsheet empowers teams to manage work and scale solutions, now uniting human teams with AI agents to automate tasks and uncover insights. With a history of over 20 years, the company fosters a culture of inclusion, creativity, and big thinking, offering professional growth and a supportive environment.

India

  • Design and implement a structured risk management program including risk taxonomy and scoring methodology.
  • Build and maintain the enterprise risk register as a living operational tool.
  • Leverage AI tools to monitor threat intelligence and accelerate risk analysis.

AlphaSense provides AI-driven market intelligence and search to help companies make smarter decisions. Founded in 2011, the company has over 2,000 employees globally and is headquartered in New York City.

$147,800–$164,000/yr
Global 18w maternity 16w paternity

  • Serve as a primary compliance resource embedded in the Alma-to-Spring Health integration, mapping control environments and building a unified compliance organization.
  • Own and lead enterprise-level compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, ISO 27001, ISO 42001, and ITGC-SOX.
  • Develop and operationalize Spring Health's AI governance program, including policies, risk frameworks, and AI-specific compliance documentation.

Spring Health is a global mental health company on a mission to eliminate every barrier to mental health. With outcomes independently validated by JAMA Network Open, Spring Health reaches more than 170 million people worldwide through leading employers, health plans, and partners.

Global

  • Own the strategic direction and roadmap for Confluent's internal access management program, with machine and workload identity as the durable center of gravity.
  • Lead the program to enforce service-to-service authentication and formalize non-human identity from pilot into a funded, governed program.
  • Drive access governance standards, metrics, and executive reporting cadence to maintain a coherent access posture.

Confluent is a data streaming platform that puts information in motion in near real-time, enabling companies to react faster and build smarter. It is an IBM subsidiary with a culture of collaboration, diversity, and curiosity, where no egos or solo acts exist.

US

  • Secure AI systems and use AI to scale security, conducting security reviews and threat modeling of AI-integrated product features.
  • Deliver end-to-end application security reviews for high-risk features, working directly with engineering teams to surface and close risk.
  • Advance CI/CD pipeline security by operating and evolving security scanning controls in GitLab pipelines.

Smartsheet empowers teams to manage work and scale solutions by uniting human teams with AI agents. They are a large company with over 20 years of experience, fostering a culture where ideas are heard and contributions have real impact.

$92,000–$92,000/yr
US

  • Own the operational and security backbone of MRO's AI tooling, including provisioning and configuring AI platforms like Claude and MS Copilot.
  • Monitor AI tool health, track costs, and build analytics dashboards to track adoption and ROI.
  • Manage AI governance by maintaining security documentation, responding to compliance questionnaires, and conducting vendor due diligence.

MRO provides AI tooling and operational support for healthcare organizations. It is a full-time remote employer with a focus on security and compliance, employing a collaborative and hands-on culture.

US 4w PTO

  • Own and continuously mature the company risk register, designing AI-assisted workflows for real-time risk posture.
  • Lead external audit management (SOC 2 Type II) and automate evidence collection pipelines in Vanta.
  • Engineer the Trust and Assurance program for scale, including automated vendor risk intake and AI-assisted response generation.

ButterflyMX empowers people to open and manage doors & gates from a smartphone, with products installed in over 20,000 properties worldwide. As a distributed, primarily remote workforce, they seek intelligent, passionate, and collaborative individuals driven by shared commitment to excellence and innovation.

India Unlimited PTO

  • Build multi-year partnership plans that improve customer outcomes and generate partner-sourced and partner-influenced revenue.
  • Drive alliance operational rigor and business review governance with Sprinto and partner senior leaders.
  • Develop and maintain executive-level relationships with Practice Leaders and senior practitioners across the delivery partner ecosystem.

Sprinto is an Autonomous Trust Platform that centralizes trust requirements across security frameworks, vendors, and customers. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, Sprinto has raised $31.8M in funding and is trusted by over 3,000 organizations across 75 countries.

$136,000–$169,000/yr
US

  • Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
  • Oversee identity and access management, including automated provisioning audits and anomaly detection.
  • Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.

Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.

US 4w PTO 12w maternity 12w paternity

  • Lead and develop the IAM team, creating a roadmap to manage key threats and risks across departments.
  • Balance short and long-term business impact by developing risk management strategies.
  • Build outstanding teams through world-class hiring and direct, timely feedback to develop security talent.

Aledade empowers independent primary care physicians with technology to keep patients healthy and thrive in value-based care. Founded in 2014, we've become the largest network of independent primary care in the country, with a collaborative, inclusive, and remote-first culture.

$110,100–$143,100/yr
North America

  • Defines program goals, governance frameworks, and measurable objectives for cyber risk and compliance programs.
  • Manages user attestations, third-party risk, cyber contract negotiation, and coordination of IT audits/assessments.
  • Implements GRC tooling and monitors program effectiveness through KPIs, QA reviews, and control testing.

Velera is a credit union service organization providing fintech solutions to over 4,000 financial institutions. The company fosters a remote-first, inclusive culture with a focus on employee wellbeing and belonging.

  • Owns product, cloud, engineering, vendor, AI-tooling, and compliance security functions.
  • Builds practical guardrails for AI tools, agents, MCPs, data leakage, and automation.
  • Understands OWASP, IAM, secrets, cloud security, vulnerability management, CI/CD, incident response, and frameworks like SOC 2, ISO 27001, GDPR, or HIPAA.

PlayPower Labs is a company focused on building practical security functions without slowing down teams. The organization values security sharpness, usefulness, and a product-minded approach, with a culture that balances protection and agility.

US Canada

  • Define security architecture and build controls for AI platforms, training and inference workflows, and agentic systems.
  • Design reusable security patterns for identity, authorization, and runtime controls to constrain execution and data exposure.
  • Lead hands-on security reviews and influence security architecture through practical design changes and reusable controls.

Cerebras Systems builds the world's largest AI chip, 56 times larger than GPUs, delivering industry-leading training and inference speeds. With dozens of model releases and rapid growth, they have a non-corporate work culture that respects individual beliefs.

US Unlimited PTO

  • Identify and resolve risk-related issues on the platform.
  • Investigate patterns and trends in escalated incidents.
  • Manage high-risk situations with urgency and adhere to legal policies.

Roadie is a leading logistics and delivery platform that helps businesses manage complex delivery needs, reaching 97% of U.S. households. With over 310,000 independent drivers, the company emphasizes flexibility, trust, and safety in its platform operations.

United States Unlimited PTO

  • Partner with the CISO to drive security strategy, roadmap, and execution across application security, GRC, and operations.
  • Support compliance initiatives including PCI, SOC 2, ISO 27001, DORA, and FedRAMP readiness.
  • Serve as a trusted security leader in customer-facing settings, translating technical risks into business language.

Sardine is the leading agentic risk platform for fighting financial crime, integrating data across risk teams to stop fraud and automate AML operations. With over 6 billion profiled devices and 800 million consumers, we maintain a remote-first culture that values performance over hours worked.

UK Global

  • Lead and own the ongoing operation and maintenance of Samsara’s vulnerability management program.
  • Collaborate with engineering teams to track and support the remediation of identified vulnerabilities.
  • Champion Samsara’s cultural principles in daily work.

Samsara is the pioneer of the Connected Operations Cloud, enabling organizations to harness IoT data for actionable insights. As a recently public company with a global team, they foster a culture of rapid career development and encourage employees to architect their own careers.