Third Party Risk Management Analyst

CrowdStrike

. Manage and mature CrowdStrike's Third Party Risk Management program, including policies, standards, procedures, and assessment methodologies .

Posted 5/16/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $85,000 - $120,000 per yearWebsite

Tech Stack

Tools & technologies

ServiceNow

About the role

Key responsibilities & impact

Manage and mature CrowdStrike's Third Party Risk Management program, including policies, standards, procedures, and assessment methodologies
Conduct security risk assessments of third-party vendors, evaluating controls across domains such as data security, access management, incident response, business continuity, and compliance
Tier and prioritize vendors based on risk factors including data sensitivity, operational dependency, and regulatory scope
Manage vendor risk findings, remediation plans, and exceptions, working with vendors and internal stakeholders to resolve issues in a timely manner
Monitor the third-party risk landscape, including emerging threats, regulatory changes, and vendor security incidents, and communicate relevant updates to stakeholders
Develop and maintain TPRM dashboards and reporting to provide visibility into vendor risk posture and program health
Develop and deliver training and communications to internal stakeholders on TPRM processes, requirements, and responsibilities
Identify opportunities to automate and optimize TPRM workflows, leveraging GRC tooling and integrations to improve efficiency and scalability
Proactively identify gaps in the TPRM program and lead efforts to address and remediate them
Perform other duties within the scope of Third Party Risk Management and broader Cyber GRC

Requirements

What you’ll need

Bachelor's degree in Computer Science, Information Security, Business, or a related field; or a up to 5 years of experience
Technical focus on third party risk management, vendor risk, supply chain security, or related disciplines
Experience with GRC or TPRM platforms such as ServiceNow, OneTrust, ProcessUnity, or similar tools
Strong understanding of security risk assessment methodologies and control frameworks applicable to third-party environments
Familiarity with regulatory requirements and frameworks such as SOC 1/SOC 2, ISO 27001/27002, NIST 800-53, CSA-CCM, GDPR, and PCI-DSS as they apply to vendor relationships
Experience with reviewing vendor security documentation, including SOC reports, penetration test results, and questionnaire responses
Certifications (Preferred): CISSP, CISM, CRISC, or equivalent security certifications
Certifications specific to third party risk such as CTPRP (Certified Third Party Risk Professional) are a plus

Benefits

Comp & perks

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

third party risk managementvendor risksecurity risk assessment methodologiescontrol frameworksdata securityaccess managementincident responsebusiness continuityregulatory complianceGRC tooling

Soft Skills

communicationstakeholder managementproblem-solvingtraining deliveryprocess optimizationanalytical thinkingproject managementcollaborationleadershipadaptability

Certifications

CISSPCISMCRISCCTPRPISO 27001ISO 27002SOC 1SOC 2NIST 800-53PCI-DSS