[Remote] Senior Cybersecurity Risk Analyst - USA Remote
Note: This is a remote job open to candidates in the USA. Danaher Corporation is a leading science and technology company committed to saving lives through innovation. They are seeking a Senior Cybersecurity Risk Analyst responsible for executing third-party and supplier risk activities, contributing to enterprise risk operations, and ensuring cybersecurity compliance across a global environment.

Responsibilities
- Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake, inherent-risk tiering, security and privacy questionnaire administration, evidence collection and review, scoring, and final risk decisioning under the direction of the TPRM Lead
- Review and provide cybersecurity input on third-party contracts (IS Terms & Conditions, Data Protection Addenda, Standard Contractual Clauses, AI-specific addenda), partnering with Legal, Privacy, and Procurement to land defensible positions and consistent redlines
- Assess supply-chain and geopolitical risk (including country-of-origin and concentration concerns) and apply AI vendor risk frameworks (NIST AI RMF, ISO/IEC 42001) to AI-enabled products and services in the vendor portfolio
- Serve as the connective tissue between central TPRM and the OpCo 3rd-Party Questionnaire & Response Coordinators, providing guidance on intake, scoring consistency, escalation paths, and Procurement engagement so vendor risk is handled the same way across the portfolio
- Contribute to enterprise risk register operations and data quality, including consistent risk capture, cross-OpCo aggregation, and executive-grade reporting that informs the OpCo QBR and CISO updates

Skills
- Strong working knowledge of third-party risk management frameworks and methodologies (e.g., Shared Assessments SIG, NIST SP 800-161, ISO/IEC 27036) and the underlying security and privacy regulatory landscape (GDPR, HIPAA, PCI DSS, SOX)
- Demonstrated experience administering vendor security questionnaires, reviewing evidence (SOC 2, ISO 27001, penetration test reports), applying scoring consistently at scale, and communicating findings to vendors and internal stakeholders
- Working familiarity with the cybersecurity provisions in vendor contracts (IS Terms & Conditions, Data Protection Addenda, Standard Contractual Clauses) and the ability to coordinate redlines with Legal, Privacy, and Procurement
- Hands-on experience operating an enterprise or program-level risk register, with attention to data quality, aggregation methodology, and reporting fluency for executive audiences
- 7+ years of experience in third-party risk, enterprise risk management, vendor security, or related governance work
- Experience applying AI vendor risk frameworks such as NIST AI RMF and ISO/IEC 42001, and assessing supply-chain and geopolitical concentration risk including country-of-origin scrutiny
- Familiarity with GRC platforms (e.g., OneTrust, ServiceNow IRM, RSA Archer) and vendor risk tooling, along with excellent written and verbal communication skills and proven experience influencing stakeholders at all organizational levels, including senior leadership

Benefits
- Bonus/incentive pay
- Paid time off
- Medical/dental/vision insurance
- 401(k) for eligible employees
- Flexible, remote working arrangements for eligible roles

Company Overview
Danaher is a leading global life sciences and diagnostics innovator, committed to accelerating the power of science and technology to improve human health. It was founded in 1969 and is headquartered in Washington, District of Columbia, USA, with a workforce of 10001+ employees. Its website is https://www.danaher.com/.

Company H1B Sponsorship
Danaher Corporation has a track record of offering H1B sponsorships, with 7 in 2025, 4 in 2024, 3 in 2023, 1 in 2022, 2 in 2021, 1 in 2020. Please note that this does not guarantee sponsorship for this specific role.