Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
U.S. Bank

Information Security Third-Party Risk Analyst

U.S. Bank

Information Security Third-Party Risk Analyst evaluating and managing information security risks across external vendors. Ensuring appropriate controls are in place and driving remediation of identified risks.

Posted 5/31/2026full-timeCincinnati • Minnesota, Ohio, Texas • 🇺🇸 United StatesMid-LevelSenior💰 $98,175 - $115,500 per yearWebsite

About the role

Key responsibilities & impact
  • Perform information security risk assessments on third-party vendors (new and existing)
  • Review and analyze vendor security questionnaires, control responses, and supporting documentation
  • Identify security gaps, control deficiencies, and non-compliance issues
  • Document and track risk findings and remediation efforts through resolution
  • Evaluate vendor remediation plans and compensating controls
  • Partner with business stakeholders and third parties to explain risks and recommend mitigation strategies
  • Support contract review and redlining with a focus on information security requirements
  • Conduct continuous monitoring of vendor security posture
  • Review and assess third-party security incidents and perform post-event analysis
  • Contribute to monthly and quarterly reporting, metrics, and trend analysis
  • Support audit activities, control testing, and quality assurance efforts
  • Collaborate across information security, risk, and compliance teams

Requirements

What you’ll need
  • 5+ years of experience in information security
  • 5+ years of experience in third-party risk management, vendor risk, or risk analysis
  • Hands-on experience conducting third-party/vendor information security risk assessments
  • Strong understanding of information security controls and risk concepts
  • Experience identifying control gaps and evaluating remediation actions
  • Experience with contract review or redlining related to security requirements
  • Ability to clearly communicate risk to both technical and non-technical stakeholders

Benefits

Comp & perks
  • Healthcare (medical, dental, vision)
  • Basic term and optional term life insurance
  • Short-term and long-term disability
  • Pregnancy disability and parental leave
  • 401(k) and employer-funded retirement plan
  • Paid vacation (from two to five weeks depending on salary grade and tenure)
  • Up to 11 paid holiday opportunities
  • Adoption assistance
  • Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information security risk assessmentsvendor risk managementrisk analysissecurity controlscontrol deficienciesremediation planscontract reviewredliningcontinuous monitoringpost-event analysis
Soft Skills
communicationcollaborationstakeholder engagementanalytical thinkingproblem-solving