[Remote] Sr Third Party Risk Analyst (TPRM)
Note The job is a remote job and is open to candidates in USA. HealthEquity is dedicated to saving and improving lives by empowering healthcare consumers. As a Senior Third Party Risk Analyst, you will ensure the security and integrity of partners and technologies while evolving the Third Party Risk Management program in a fast-paced environment.
Responsibilities
Conduct risk assessments for critical and operationally significant third‑party entities, including cloud service providers, SaaS platforms, technology partners, and infrastructure providers Identify, track, and drive remediation of control gaps and security risks uncovered throughout the assessment lifecycle Stay ahead of emerging risks, including generative and agentic AI, and evolving regulatory expectations across financial services and healthcare Partner closely with cross‑functional teams such as Procurement, Legal, Privacy, Security, AI Governance, and vendor business owners to manage third‑party risk holistically Develop and maintain key risk and performance metrics that demonstrate progress and maturity within the TPRM program Lead efforts to automate repetitive and high‑volume processes, leveraging advancements in AI to increase efficiency, quality, and speed Introduce and evaluate AI‑enabled tools to enhance risk clarity, improve signal‑to‑noise, and scale the program responsibly Support other TPRM and governance activities as needed, contributing to a culture of continuous improvement Skills Bachelor's degree in Computer Science, Information Technology, Risk Management, or a related technical field 5+ years of combined experience in information security, cybersecurity, or technical/analytical roles Experience operating in fast‑paced, high‑accountability environments where prioritization and time sensitivity matter 2–5 years of hands‑on cybersecurity experience, ideally within financial services or healthcare Strong understanding of security and AI control frameworks, such as NIST Cybersecurity Framework (CSF), NIST AI Risk Management Framework (AI RMF), ISO 42001 Prior experience with TPRM / GRC platforms, including tools such as Vanta, Archer, or ServiceNow Familiarity with cybersecurity risk rating services (e.g., RiskRecon, SecurityScorecard, BitSight) Working knowledge of audits, regulatory exams, and attestations, including SOC 2 Type II, ISO 27001, HITRUST, and similar frameworks Ability to review and interpret technical evidence demonstrating cybersecurity validation and compliance (e.g., SCA, SAST, DAST, penetration testing) Excellent written and verbal communication skills, with the ability to translate between technical and non‑technical audiences Experience reviewing technical policies and contributing to standard operating procedures Strong command of the Microsoft ecosystem, including PowerPoint, Excel, Word, SharePoint, and Power BI Demonstrated ability to use AI solutions securely and effectively, such as Microsoft Copilot, Gemini, Anthropic, or ChatGPT, to improve workflows and outcomes One or more cybersecurity certifications, such as CISSP, CISA, CISM, CRISC, or equivalent Demonstrated understanding of cybersecurity and AI governance frameworks, including NIST CSF and NIST AI RMF Benefits Performance-based incentives as part of the total compensation package Medical, dental, and vision HSA contribution and match Dependent care FSA match Uncapped paid time off Paid parental leave 401(k) match Personal and healthcare financial literacy programs Ongoing education& tuition assistance Gym and fitness reimbursement Wellness program incentives HealthEquity covers all required travel and accommodations HealthEquity is committed to providing reasonable accommodations to team members with qualifying disabilities Company Overview HealthEquity connects health and wealth by administering Health Savings Accounts (HSAs) and other consumer-directed benefits. It was founded in 2002, and is headquartered in Draper, Utah, USA, with a workforce of 1001-5000 employees. Its website is http//www.healthequity.com. Company H1B Sponsorship HealthEquity has a track record of offering H1B sponsorships, with 7 in 2026, 15 in 2025, 8 in 2024, 31 in 2023, 3 in 2022, 1 in 2021, 2 in 2020. Please note that this does not guarantee sponsorship for this specific role.