[Remote] Sr Third Party Risk Analyst (TPRM)
Note: The job is a remote job and is open to candidates in USA. HealthEquity is dedicated to saving and improving lives by empowering healthcare consumers. As a Senior Third Party Risk Analyst, you will ensure the security and integrity of partners and technologies while evolving the Third Party Risk Management program in a fast-paced environment.ResponsibilitiesConduct risk assessments for critical and operationally significant thirdâparty entities, including cloud service providers, SaaS platforms, technology partners, and infrastructure providersIdentify, track, and drive remediation of control gaps and security risks uncovered throughout the assessment lifecycleStay ahead of emerging risks, including generative and agentic AI, and evolving regulatory expectations across financial services and healthcarePartner closely with crossâfunctional teams such as Procurement, Legal, Privacy, Security, AI Governance, and vendor business owners to manage thirdâparty risk holisticallyDevelop and maintain key risk and performance metrics that demonstrate progress and maturity within the TPRM programLead efforts to automate repetitive and highâvolume processes, leveraging advancements in AI to increase efficiency, quality, and speedIntroduce and evaluate AIâenabled tools to enhance risk clarity, improve signalâtoânoise, and scale the program responsiblySupport other TPRM and governance activities as needed, contributing to a culture of continuous improvementSkillsBachelor's degree in Computer Science, Information Technology, Risk Management, or a related technical field5+ years of combined experience in information security, cybersecurity, or technical/analytical rolesExperience operating in fastâpaced, highâaccountability environments where prioritization and time sensitivity matter2â5 years of handsâon cybersecurity experience, ideally within financial services or healthcareStrong understanding of security and AI control frameworks, such as: NIST Cybersecurity Framework (CSF), NIST AI Risk Management Framework (AI RMF), ISO 42001Prior experience with TPRM / GRC platforms, including tools such as Vanta, Archer, or ServiceNowFamiliarity with cybersecurity risk rating services (e.g., RiskRecon, SecurityScorecard, BitSight)Working knowledge of audits, regulatory exams, and attestations, including SOC 2 Type II, ISO 27001, HITRUST, and similar frameworksAbility to review and interpret technical evidence demonstrating cybersecurity validation and compliance (e.g., SCA, SAST, DAST, penetration testing)Excellent written and verbal communication skills, with the ability to translate between technical and nonâtechnical audiencesExperience reviewing technical policies and contributing to standard operating proceduresStrong command of the Microsoft ecosystem, including PowerPoint, Excel, Word, SharePoint, and Power BIDemonstrated ability to use AI solutions securely and effectively, such as Microsoft Copilot, Gemini, Anthropic, or ChatGPT, to improve workflows and outcomesOne or more cybersecurity certifications, such as CISSP, CISA, CISM, CRISC, or equivalentDemonstrated understanding of cybersecurity and AI governance frameworks, including NIST CSF and NIST AI RMFBenefitsPerformance-based incentives as part of the total compensation packageMedical, dental, and visionHSA contribution and matchDependent care FSA matchUncapped paid time offPaid parental leave401(k) matchPersonal and healthcare financial literacy programsOngoing education& tuition assistanceGym and fitness reimbursementWellness program incentivesHealthEquity covers all required travel and accommodationsHealthEquity is committed to providing reasonable accommodations to team members with qualifying disabilitiesCompany OverviewHealthEquity connects health and wealth by administering Health Savings Accounts (HSAs) and other consumer-directed benefits. It was founded in 2002, and is headquartered in Draper, Utah, USA, with a workforce of 1001-5000 employees. Its website is http://www.healthequity.com.Company H1B SponsorshipHealthEquity has a track record of offering H1B sponsorships, with 7 in 2026, 15 in 2025, 8 in 2024, 31 in 2023, 3 in 2022, 1 in 2021, 2 in 2020. Please note that this does not guarantee sponsorship for this specific role.