Cybersecurity Third-Party Risk Analyst - #251712

Job Summary

We are seeking a detail-oriented and security-conscious Cybersecurity Third-Party Risk Analyst to assess and mitigate risks associated with third-party vendors and service providers. This role is crucial in ensuring that external partnerships align with our security policies, industry regulations, and best practices. The ideal candidate will have experience in cybersecurity, risk assessment, and vendor management.

Key Responsibilities

• Conduct comprehensive security assessments of third-party vendors to identify potential risks and vulnerabilities.
• Evaluate vendor security policies, procedures, and controls to ensure compliance with company and industry standards.
• Develop and maintain third-party cybersecurity risk management (TPCRM) frameworks, policies, and procedures.
• Work closely with procurement, legal, and cybersecurity compliance teams to integrate security requirements into vendor contracts.
• Monitor vendor security performance using an automated , questionnaires, and periodic audits.
• Stay updated on cybersecurity threats, regulatory requirements, and best practices for third-party risk management.
• Collaborate with internal teams to address security concerns related to third-party vendors.
• Maintain foundational documentation related to the third-party process.
• Provide recommendations and remediation guidance to vendors with identified security gaps.
  
  

Qualifications & Skills

• Bachelor’s degree in cybersecurity, information technology, risk management, or a related field.
• 2-4 years of experience in cybersecurity risk assessment, vendor risk management, or a similar role.
• Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, SOC 2, CIS, GDPR, HIPAA).
• Familiarity with third-party risk management platforms and security assessment tools.
• Ability to analyze security reports and communicate risk findings effectively.
• Strong problem-solving skills and attention to detail.
• Excellent verbal and written communication skills.
  
  

Circle K is an Equal Opportunity Employer.

The Company complies with the Americans with Disabilities Act (the ADA) and all state and local disability laws. Applicants with disabilities may be entitled to a reasonable accommodation under the terms of the ADA and certain state or local laws as long as it does not impose an undue hardship on the Company. Please inform the Company’s Human Resources Representative if you need assistance completing any forms or to otherwise participate in the application process.

Click below to review information about our company's use of the federal E-Verify program to check work eligibility:

In English

In Spanish