Third-Party Risk Management (TPRM) Junior Analyst

Posted 2026-06-26
Remote, USA Full-time Immediate Start

(Remote candidates will be considered)

National Digital Trust Company (In Organization) has received conditional approval from the Office of the Comptroller of the Currency to open as a federally chartered trust bank to provide a broad range of digital asset services.

We are building a specialized financial institution addressing the growing demand for digital asset services. Our primary business will focus on digital asset custody, providing secure, efficient custodial and fiduciary services for a variety of digital assets.

You will work with foundational systems and processes to help shape our operating model and influence how a new category of financial infrastructure comes to market.

We are looking for builders who handle complexity with confidence and tackle ambitious opportunities while keeping pace with this rapidly evolving industry. Let’s build this together!

Our Principles

Greatness is a mindset, not an accomplishment. Mediocrity is unacceptable. Excellence is contagious. We hire people because we believe in their greatness. Now is the time to prove us right.

Responsibility comes with the territory. Everyone is an owner, which means we share a common vision and mutual accountability. We act in line with our strategic objectives and the trust our customers place in us. We believe there is no such thing as "not my problem." Taking this level of ownership not only drives our collective success but also offers the potential for significant reward.

Innovation and adaptation are in our DNA. We are in the most dramatic and rapid period of technological change in the history of humankind. Those that stay ahead will thrive; those that don't, won't. We innovate intelligently and thrive on overcoming challenges to get (at least) a little better every day and ensure our continued growth and success.

Team first. We are reliable teammates working together toward extraordinary success through honesty and accountability. We believe collaboration knows no hierarchy, and we focus on what matters. We work toward consensus, but when necessary, we disagree and commit. We know that winners win.

Job Overview

Our company is seeking a highly motivated Third-Party Risk Management (TPRM) Junior Analyst to support its Third-Party Risk Management program within a highly regulated banking environment. This role is critical in ensuring third-party relationships meet regulatory expectations and cybersecurity standards.

The ideal candidate will have 1–3 years of experience in third-party risk, information security, IT audit, or compliance, along with a strong understanding of cybersecurity controls, risk assessment methodologies, and regulatory expectations applicable to financial institutions. Experience reviewing NIST, ISO 27001, and SOC reports is required.

This role requires the ability to assess technical controls, identify control gaps, and evaluate vendor cybersecurity maturity, aligning with regulatory expectations, including OCC guidance.

Objectives

Third-Party Risk Assessments

Conduct initial and ongoing risk assessments for new and existing vendors, with emphasis on cybersecurity and data protection

Evaluate vendor due diligence responses, including information security, security architecture, and cloud environments

Identify control gaps and recommend risk mitigation strategies

Assess vendors handling sensitive data, critical systems, or customer information

Regulatory & Compliance Alignment

Support vendor due diligence, concentration risk, fourth-party risk, and business continuity assessments

Assist with preparation for regulatory examinations and internal audits

Maintain documentation demonstrating regulatory compliance and risk-based decision making

Support updates to TPRM policies, procedures, and standards

Framework & Control Evaluation

Assess vendor security programs against recognized frameworks, including:

NIST Cybersecurity Framework, ISO 27001, SOC 2 Type II

Ongoing Monitoring

Support monitoring of critical and high-risk vendors, including annual reassessments, incident reviews, cybersecurity attestations, and financial health reviews

Track vendor performance, compliance, and remediation activities

Prepare risk summaries and reporting materials for leadership

Escalate significant risks in a timely manner

Incident & Resilience Oversight

Review vendor incident response and breach notification processes

Evaluate business continuity and disaster recovery capabilities

Participate in vendor-related incident response activities as needed

Reporting & Governance

Prepare concise risk reports for senior leadership and risk committees

Maintain accurate documentation within the TPRM system

Support reporting on third-party cyber risk exposure and metrics

Collaboration & Communication

Partner with Information Security, Compliance, Legal, Procurement, and business units

Communicate findings clearly to both technical and non-technical stakeholders

Provide guidance to business owners on third-party risk requirements

What you bring to our company

Bachelor's degree in Business, Information Security, Cybersecurity, Risk Management, Finance, or a related field

1–3 years of experience in TPRM and information security risk

Preferred Qualifications: 

Experience working in an OCC-regulated financial institution

Exposure to cloud risk management (AWS, SaaS environments)

Experience using TPRM platforms

Working knowledge of:

Risk assessment methodologies (inherent vs. residual risk)

NIST Cybersecurity Framework

ISO 27001

SOC 2 reports

Key Competencies:

Attention to detail

Critical thinking and analytical ability

Strong written and verbal communication

Strong cybersecurity risk mindset

Ability to evaluate technical control environments

Risk-based decision making

Attention to regulatory detail

Ability to manage multiple vendor assessments simultaneously

Professional communication with both technical and non-technical stakeholders

We promote diversity of thought, culture, background, and experience. We are an equal opportunity employer, and employment at our company is based solely on one's merit and qualifications directly related to professional competence. We do not discriminate based on race, creed, color, ancestry, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, military or veteran status, or any other characteristics protected by law.

Featured benefits

Employer-provided: Medical, Dental, and Vision insurance, 401(k), life and disability insurance.