Demo
Salary Resume Critique Job Openings

Third Party Risk Analyst

Federal Reserve Bank (FRB)
Boston, MA Full Time
POSTED ON 1/17/2025
AVAILABLE BEFORE 4/4/2025

Company Federal Reserve Bank of Boston The requirements for this position are local to Boston area candidate with proof of US citizenship or Permanent Residency and must have resided in the United States for at least the past three (3) years. The Third-Party Risk Management Analyst position will be a member of the Third-Party Risk Management organization within National IT.

This Analyst will be a part of a team responsible for assessing the information security practices and posture of new and existing third parties for the Federal Reserve System.

This role could have additional TPRM responsibilities supporting the identification, assessment, and mitigation of risks related to National IT’s managed third-party relationships. This position will leverage various sources of data to assess the security program and associated risk management practices of the Federal Reserve’s suppliers, highlight risks, and control gaps associated with the supplier’s security program, categorize the potential risks based on severity, and identify potential mitigation strategies.

The position is also responsible for translating the results of the analysis into a business consumable format and delivering those results to business, legal, and procurement teams to advise risk decisions. Additionally, the analyst will be responsible for identifying, performing, and tracking continuous monitoring activities to ensure that risks associated with active suppliers are appropriately managed and mitigated. This position will participate in cross-functional teams to address information security policy, vendor risk management, or compliance issues.

This position will determine best practices, suggest how to improve current practices, and monitor those practices. Key Responsibilities (including, but not limited to the following) :

  • Conduct comprehensive third-party cyber security assessments utilizing a NIST-based framework; evaluate the security posture of third parties to identify vulnerabilities, gaps, and areas of non-compliance; and identify and recommend security controls, best practices, and risk mitigation strategies in alignment with industry standards and regulatory requirements.
  • Generate detailed reports that provide in-depth analysis of assessment findings, including identified risks, control deficiencies, and recommended remediation actions for vendor engagements.
  • Engage with customers and stakeholders to communicate assessment results, address security concerns, and collaborate on potential remediation actions for vendor engagements.
  • Work as part of a cross-functional team to perform assessments on new and existing vendors to understand any potential threats to the Federal Reserve System, advising Federal Reserve stakeholders on any mitigations needed to reduce potential threats.
  • Review and interpret results of vendor audit reports and attestations (such as SOC2 reports); identify deficiencies and areas for remediation and advise appropriate stakeholders on findings.

May conduct or coordinate periodic vendor audits, in collaboration with Vendor Managers, Internal Audit, and other internal teams as needed.

  • Provide coordination and reporting for third-party risk activities including vendor outreach related to cybersecurity breaches and zero-day vulnerabilities.
  • Leads process improvement and long-term information security solution discussions and presents outcomes in written and verbal format to senior management.
  • Key participant in project development surrounding new processes and the integration of new processes with existing ones.

    • Assists in developing communications of these changes to impacted stakeholders. Education and Experience :

  • Bachelor’s degree in computer science, information systems, or other related fields, or equivalent combination of work experience and education
  • Should possess or be able to achieve Industry recognized certifications within the domains of information security (e.g., CISSP, GIAC, CISM, CISA, CTPRP, CCSP, etc.)
  • 3 years of experience performing cyber security assessments, with a specific focus on third-party assessments and utilizing a NIST-based framework (e.g., NIST 800-53, NIST CSF).
  • Experience with compliance and security audits, and risk mitigation plans.

    • Experience developing and completing vendor risk assessments for enterprise-level vendor relationships.

    Understanding of various risk and security certifications and attestations (SOC2, ISO 27001, etc.).

    Familiarity with third party risk and governance concepts. Knowledge and Skills :

  • In-depth understanding of cyber security principles, concepts, and best practices, including risk assessment methodologies and security control frameworks.
  • In-depth understanding of regulatory requirements and industry standards related to third-party cyber security, such as GDPR, CCPA, HIPAA, PCI DSS, ISO 27001, etc.
  • Advanced use of cyber security assessment tools and external vendor information sources; and applying open-source intelligence methodologies.
  • Excellent analytical and problem-solving skills, with a proven ability to identify and assess risks in simple assessment scenarios and propose effective solutions.
  • Strong written and verbal communication skills, including the ability to effectively present simple technical information to non-technical stakeholders.
  • Demonstrate strong customer service skills to ensure a smooth evidence collection experience for both clients and vendors.
  • Ability to explain and articulate technical concepts to non-technical stakeholders and follow basic troubleshooting steps to work through issues. The Federal Reserve Bank is committed to a diverse, equitable and inclusive workplace and to provide equal employment opportunities to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service. All employees assigned to this position will be subject to FBI fingerprint / criminal background and Patriot Act / Office of Foreign Assets Control (OFAC) watch list checks at least once every five years.

    • All candidates must undergo an enhanced background check and comply with all applicable information handling rules. The above statements are intended to describe the general nature and level of work required of this position.

    They are not intended to be an exhaustive list of all duties, responsibilities or skills associated with this position or the personnel so classified.

    While this job description is intended to be an accurate reflection of this position, management reserves the right to revise this or any job description at its discretion at any time. For this job, any offer of employment is contingent upon successfully passing a two-phase security screening.

    The first phase consists of the satisfactory completion of a physical examination (including a drug screening), reference checks, and a security investigation consisting of credit and criminal history checks. The second phase, which might not be complete until after you begin working at the Reserve Bank, is an additional risk-based security screening determined by the risk rating of the position.

    Depending upon the sensitivity of the position, this phase may include, and is not limited to, work and residency eligibility verification, and personal interviews with the candidate, references, and prior employers. All applicants must have resided in the United States for at least three (3) years. Full Time / Part Time Full time Regular / Temporary Regular Job Exempt (Yes / No) Yes Job Category Work Shift First (United States of America) The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.

    The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Always verify and apply to jobs on Federal Reserve System Careers (https : / / rb.wd5.myworkdayjobs.com / FRS) or through verified Federal Reserve Bank social media channels. Privacy Notice

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Third Party Risk Analyst?

    Sign up to receive alerts about other jobs on the Third Party Risk Analyst career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $96,228 - $129,772
    Income Estimation: 
    $131,676 - $196,560
    Income Estimation: 
    $121,926 - $164,179
    Income Estimation: 
    $124,413 - $154,875
    Income Estimation: 
    $87,128 - $112,557
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $164,835 - $201,088
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $70,462 - $84,818
    Income Estimation: 
    $77,991 - $108,747
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Federal Reserve Bank (FRB)

    Summer 2025 Graduate Internship - Business Technology Services
    Federal Reserve Bank (FRB)
    Hired Organization Address Minneapolis, MN Full Time
    Company Federal Reserve Bank of Minneapolis The Federal Reserve Bank of Minneapolis Graduate Intern Program is intended ...
    Summer Internship - Research Department - Macro (onsite)
    Federal Reserve Bank (FRB)
    Hired Organization Address Philadelphia, PA Full Time
    Company Federal Reserve Bank of Philadelphia The Federal Reserve Bank of Philadelphia is one of the 12 regional Reserve ...
    Police Officer - FRLEO (Phoenix)
    Federal Reserve Bank (FRB)
    Hired Organization Address Phoenix, AZ Full Time
    Company Federal Reserve Bank of San Francisco We are the Federal Reserve Bank of San Francisco—public servants with a mi...
    FRLEO - Police Officer (Seattle)
    Federal Reserve Bank (FRB)
    Hired Organization Address Renton, WA Full Time
    Company Federal Reserve Bank of San Francisco Our police officers serve as the face of the SF Fed, both as frontline def...
    View More Jobs at Federal Reserve Bank (FRB)

    Not the job you're looking for? Here are some other Third Party Risk Analyst jobs in the Boston, MA area that may be a better fit.

    Third Party Risk Analyst

    Federal Reserve Bank of Boston, Boston, MA

    Third-Party Risk Governance Specialist

    Needham Bank, Wellesley, MA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!