Add your latest resume to match with open positions.

21 results for Vulnerability Management jobs

VP of Information Security & Risk Management

Nashville, TN
onsite
Permanent / Full Time
200000 - 250000 USD / Yearly
We are looking for an accomplished security executive to lead the organization’s information security, risk management, and compliance efforts from an enterprise perspective. This role will shape a forward-looking security strategy that supports business goals, strengthens regulatory alignment, and promotes resilient operations across the company. Based in Nashville, Tennessee, this leader will work closely with executives, internal teams, clients, and external partners to guide decision-making, elevate governance, and oversee response readiness. Responsibilities: • Develop and lead a company-wide information security and risk management roadmap that supports strategic business objectives and long-term growth. • Convert executive priorities into practical security programs, measurable initiatives, and effective control frameworks across the enterprise. • Establish meaningful performance and risk metrics to evaluate security maturity, track progress, and inform leadership decisions. • Direct governance, risk, and compliance activities by maintaining policies, standards, and control practices that meet regulatory and organizational expectations. • Oversee audit preparation, regulatory reviews, and corrective action plans to ensure timely remediation and sustained compliance. • Provide executive leadership during cybersecurity incidents by guiding escalation, communication, containment, and recovery efforts. • Lead senior security teams responsible for monitoring threats, managing vulnerabilities, and reducing enterprise risk through coordinated operational execution. • Represent the organization in security-related discussions with clients, vendors, and business partners, including assessments, due diligence, and contractual security matters. • Build and develop a high-performing security leadership structure by mentoring managers and directors, setting priorities, and aligning resources to business needs.
2026-06-11T00:00:00Z

Security Manager

Chicago, IL
onsite
Temporary / Contract
55.4135 - 64.163 USD / Hourly
We are looking for a Security Manager to lead security compliance and risk oversight for a long-term contract opportunity based in Chicago, Illinois. This role is ideal for a leader who can guide control assessments, strengthen governance practices, and support audit readiness across a complex enterprise environment. The successful candidate will combine hands-on knowledge of cybersecurity frameworks with the ability to manage teams, advise stakeholders, and improve security program maturity. Responsibilities: • Lead security governance and compliance activities, including oversight of IT general controls and alignment with established regulatory and organizational standards. • Direct and develop a team of security professionals, setting priorities, reviewing performance, and ensuring consistent execution across core security initiatives. • Partner with internal stakeholders and external auditors to coordinate assessments, address findings, and maintain readiness for recurring audit activity. • Evaluate enterprise and third-party risk exposures, recommend mitigation strategies, and help strengthen risk management practices across the organization. • Support the advancement of security programs by assessing control maturity, identifying gaps, and driving practical improvements in policy, process, and oversight. • Provide guidance on industry frameworks such as ISO 27001, SOC 2, and FedRAMP to help align security operations with broader compliance objectives. • Collaborate with technical teams across cybersecurity, application security, network security, and SIEM functions to ensure controls are appropriately designed and monitored. • Contribute to emerging governance initiatives, including areas related to AI risk and oversight, where applicable.
2026-06-05T00:00:00Z

Manager, Cybersecurity Analytics

Philadelphia, PA
onsite
Temporary / Contract
0 - 0 USD / Yearly
We are looking for an experienced Manager, Cybersecurity Analytics to lead the design and evolution of a data-driven security measurement program. This Long-term Contract position will focus on turning cybersecurity, risk, and control data into meaningful insights that support leadership decisions and strengthen governance across the organization. The ideal candidate will partner with stakeholders at multiple levels to build reporting strategies, improve visibility into security performance, and promote a culture of measurable risk management. Responsibilities: • Guide the cybersecurity analytics and metrics function by setting direction, priorities, and standards that support enterprise goals and accepted industry practices. • Create and enhance measurement models that evaluate security controls, risk exposure, and program effectiveness through clear, quantifiable indicators. • Work closely with executives, business leaders, and cross-functional partners to identify reporting needs and ensure analytics output supports strategic decision-making. • Apply data analysis methods to gather, interpret, and translate security information into practical recommendations for risk reduction and operational improvement. • Prepare recurring and on-demand reports that communicate trends, outcomes, and key findings to audiences ranging from operational teams to senior leadership and board-level stakeholders. • Continuously enhance the metrics program by incorporating stakeholder feedback, regulatory expectations, threat developments, and evolving best practices. • Monitor relevant compliance obligations, security standards, and market trends to keep the analytics framework current and effective. • Champion organization-wide participation in data collection and reporting efforts while promoting the business value of a strong cybersecurity metrics program through effective communication. • Contribute to broader security initiatives such as compliance reviews, risk assessments, and issue management activities as needed.
2026-06-11T00:00:00Z

Application Security Engineer

Reading, PA
remote
Permanent / Full Time
117200 - 146600 USD / Yearly
We are looking for an Application Security Engineer to strengthen secure software delivery and partner closely with engineering teams in Reading, Pennsylvania. This role focuses on embedding security throughout the software lifecycle, from architecture and development through deployment and ongoing operations. The ideal candidate brings deep application security expertise, a collaborative mindset, and the ability to translate security requirements into practical engineering guidance. Responsibilities: • Partner with software engineering and cybersecurity teams to build security into application design, coding practices, release processes, and production support. • Perform in-depth security evaluations through code analysis, threat modeling, penetration testing, and vulnerability assessments to uncover and prioritize risk. • Establish and uphold secure development standards, reusable patterns, and technical guidance that improve consistency across teams. • Administer and enhance security controls within CI/CD workflows, including code scanning, infrastructure-as-code checks, and container security tooling. • Contribute to architecture assessments for cloud-based systems, microservices, and containerized applications to ensure resilient and secure designs. • Evaluate application risks and support formal security reviews to guide mitigation planning and informed technical decisions. • Verify that application security activities align with applicable compliance obligations and recognized industry frameworks. • Create and deliver training sessions that help developers strengthen secure coding habits and increase security awareness. • Track emerging attack techniques and threat intelligence, then apply those insights to improve preventive and detective controls. • Support the monitoring, investigation, and remediation of application security issues, while coordinating effectively with external vendors and consultants as needed.
2026-06-04T00:00:00Z

Information Security Engineer

Washington, DC
onsite
Temporary / Contract
55.66 - 55.66 USD / Hourly
We are looking for an Information Security Engineer to support the client’s cybersecurity mission. This role is responsible for designing, implementing, and maintaining secure systems that protect critical infrastructure and sensitive data across organization environments. The role will collaborate with federal leadership and cross-functional teams to strengthen endpoint security, mitigate threats, and ensure compliance with federal cybersecurity standards.This position operates in a highly complex environment, requiring independent decision-making, technical leadership, and the ability to translate security and business requirements into effective technical solutions. Key Responsibilities:· Design, configure, and validate secure systems and endpoint protection solutions.· Implement and manage Endpoint Detection and Response (EDR) tools.· Support integration of endpoint security data into SIEM/log aggregation systems.· Collaborate with application and infrastructure teams to troubleshoot security issues.· Participate in incident response and cybersecurity operations (SecOps) activities.· Enforce and implement security requirements aligned with FISMA and NIST 800 series.· Monitor emerging threats, vulnerabilities, and security best practices.· Work ServiceNow ITSM tickets through completion for security operations.· Participate in cybersecurity meetings and provide recommendations to enhance security posture.
2026-05-20T00:00:00Z

Software Developer III - Security

Philadelphia, PA
onsite
Temporary / Contract
60 - 65 USD / Hourly
Full Stack Developer III (IAM / Security Focus) Job Type: 31-Week Contract (Potential for Extension or Conversion)Location: Philadelphia, PAPay: Hourly on W2 OverviewAn enterprise Identity & Access Management (IAM) team is seeking a Full Stack Developer III to design, build, and enhance secure internal applications and platforms. This role sits within a highly collaborative IAM engineering team responsible for multiple internal tools and portals supporting authentication and authorization services at scale.This position is ideal for a hands-on full stack engineer with strong security fundamentals who can take initiative, contribute to architectural decisions, and help guide development best practices. The team is actively modernizing applications and progressing through a cloud-native AWS migration journey.Key Responsibilities<ul><li>Design, develop, and maintain full stack applications supporting IAM platforms and internal tools</li><li>Build and enhance front-end UI components (Angular) and backend services (Java, Spring Boot, Node.js)</li><li>Develop and integrate REST APIs to support secure, scalable application functionality</li><li>Implement authentication and authorization mechanisms using modern standards (OAuth2, JWT)</li><li>Apply secure coding practices and leverage frameworks such as Spring Security</li><li>Collaborate closely with engineers to guide technical decisions, architecture, and design approaches</li><li>Contribute to cloud-native development in AWS, including serverless and containerized solutions</li><li>Support application performance through caching strategies and database optimization</li><li>Participate in system design, development, testing, deployment, and ongoing enhancements</li><li>Troubleshoot issues across the application stack and ensure high availability and performance</li><li>Mentor team members and promote best practices in full stack and secure development</li></ul>
2026-06-01T00:00:00Z

Infrastructure Manager

Albuquerque, NM
onsite
Permanent / Full Time
0 - 0 USD / Yearly
We are looking for an Infrastructure Manager to oversee the performance, security, and ongoing improvement of enterprise infrastructure across on-premises and cloud environments in Albuquerque, New Mexico. This onsite leadership role blends team management with direct technical involvement, supporting critical platforms that keep business systems running smoothly. The position is responsible for guiding infrastructure operations, strengthening reliability, and ensuring core services are maintained to a high standard. Responsibilities:• Direct day-to-day operations for core infrastructure services, including Windows and Linux servers, virtualization, cloud platforms, identity systems, Microsoft 365 services, storage, backup, and disaster recovery solutions.• Lead, coach, and support infrastructure engineers and administrators while setting clear expectations for operational excellence and technical delivery.• Take an active role in resolving high-impact infrastructure issues, performing deep technical troubleshooting, and guiding remediation for complex platform incidents.• Drive patching, upgrades, hardware renewal planning, and other lifecycle activities to keep infrastructure secure, current, and dependable.• Establish and maintain operational procedures, technical documentation, and service standards that improve consistency across infrastructure environments.• Oversee monitoring and alerting capabilities to ensure system events are visible, actionable, and aligned with business needs.• Partner with architecture, Site Reliability, and production operations teams to prepare infrastructure for new deployments, platform changes, and incident response.• Support infrastructure enhancement initiatives such as platform upgrades, system migrations, and automation efforts that improve efficiency and service stability.• Monitor capacity, utilization, and platform health, and lead root cause analysis when infrastructure failures or service interruptions occur.Other duties as needed
2026-06-05T00:00:00Z

Infrastructure Manager

Cleveland, OH
onsite
Permanent / Full Time
120000 - 135000 USD / Yearly
We are looking for an experienced IT Infrastructure Manager to lead the performance, reliability, and security of core technology environments supporting transport operations in Greater Cleveland, Ohio. This role oversees on-premises and cloud-based infrastructure, ensuring systems remain resilient, well-maintained, and aligned with operational needs. The ideal candidate brings a strong background in infrastructure administration, vendor coordination, disaster recovery planning, and continuous improvement across enterprise IT services. Responsibilities:• Direct the planning, deployment, upkeep, and retirement of infrastructure platforms that support daily IT operations.• Oversee the stability and availability of physical servers, virtual machines, host environments, and storage systems across the organization.• Manage cloud environments in platforms such as Microsoft Azure and Amazon Web Services to maintain secure, efficient, and scalable operations.• Coordinate response activities for physical security events, escalating issues when appropriate and ensuring required reporting is completed.• Administer enterprise storage, backup, and recovery solutions to protect data integrity and support restoration needs.• Partner with external vendors and service providers to deliver ongoing infrastructure support and resolve operational issues effectively.• Strengthen business continuity by developing, testing, and refining disaster recovery strategies and infrastructure safeguards.• Lead initiatives that improve infrastructure standards, operational metrics, and service performance through established IT best practices.• Work closely with internal stakeholders to address security concerns, operational risks, and long-term infrastructure priorities.• Investigate complex technical issues, identify root causes, and implement sustainable corrective actions to prevent recurrence.
2026-06-02T00:00:00Z

Security Engineer

Atlanta, GA
onsite
Temporary / Contract
60 - 70 USD / Hourly
Our client is seeking a Security Engineer to help protect enterprise systems, networks, and cloud environments. This individual will play a key role in identifying security risks, implementing controls, and responding to security incidents.Responsibilities<ul><li>Design, implement, and maintain security controls across infrastructure and cloud environments.</li><li>Monitor security tools and investigate alerts, incidents, and vulnerabilities.</li><li>Perform security assessments, risk analyses, and remediation planning.</li><li>Support compliance and audit initiatives.</li><li>Collaborate with infrastructure, networking, and application teams to improve security posture.</li><li>Develop security policies, standards, and best practices.</li></ul>
2026-06-02T00:00:00Z

Security Engineer

Jacksonville, FL
onsite
Temporary to Hire
0 - 0 USD / Yearly
We are looking for a Security Engineer to join a team in Jacksonville, Florida in a contract role with the potential to become permanent. This position will lead the development and execution of security solutions that safeguard infrastructure, applications, and sensitive information against evolving cyber threats. The ideal candidate brings strong hands-on experience across security engineering, threat prevention, and compliance-focused operations while partnering closely with technical and business stakeholders. Responsibilities<ul><li>Design, implement, and support technical solutions aligned with business objectives and organizational standards</li><li>Develop and maintain policies, standards, and procedures to ensure consistent and effective operations</li><li>Build and support systems and platforms used for monitoring, prevention, and response across applications, infrastructure, and data environments</li><li>Manage day-to-day operations, including system access, monitoring, and issue resolution</li><li>Participate in on-call support as needed to address critical incidents or production issues</li><li>Research emerging technologies and trends, and assist in evaluating and implementing new solutions</li><li>Identify areas for improvement and contribute to ongoing enhancements, including system optimization and issue remediation</li><li>Collaborate with internal teams and stakeholders to support project delivery and ensure alignment with requirements</li><li>Perform routine maintenance, updates, and administration to ensure systems remain stable, secure, and up to date</li></ul>
2026-05-28T00:00:00Z

Security Engineer

Jacksonville, FL
onsite
Temporary / Contract
0 - 0 USD / Yearly
Looking for a Security Engineer with strong endpoint management experience to support enterprise security operations and device compliance.Key Responsibilities:<ul><li>Manage and secure endpoints using SCCM / Microsoft Endpoint Configuration Manager</li><li>Deploy patches, updates, and software across the environment</li><li>Monitor and respond to security vulnerabilities and threats</li><li>Implement endpoint security policies and hardening standards</li><li>Support audits, compliance, and remediation efforts</li><li>Work with IT teams on incident response and security improvements</li></ul>
2026-05-26T00:00:00Z

Security Engineer

Jacksonville, FL
onsite
Temporary / Contract
0 - 0 USD / Yearly
We are seeking a Senior Security Engineer to design, implement, and manage enterprise security solutions that protect critical systems, applications, and data. This role is focused on strengthening security posture, ensuring compliance, and proactively defending against evolving cyber threats in a fast-paced environment. Key Responsibilities:<ul><li>Design, deploy, and support secure systems aligned with business objectives and regulatory requirements</li><li>Develop and maintain security policies, standards, and best practices to improve overall security posture</li><li>Architect and support security infrastructure including:</li><li>SIEM (Security Information and Event Management)</li><li>DLP (Data Loss Prevention)</li><li>IPS (Intrusion Prevention Systems)</li><li>Monitor and manage security systems, including provisioning, alerting, and incident response</li><li>Perform system validation, troubleshooting, and root cause analysis for security incidents</li><li>Conduct vulnerability assessments and partner with teams to implement remediation plans</li><li>Support system patching, maintenance, and security hardening initiatives</li><li>Collaborate with engineering, infrastructure, and business teams to integrate security into all projects</li><li>Research emerging threats and evaluate new tools or technologies for risk mitigation</li><li>Participate in on-call rotation for production incident support</li></ul>
2026-05-29T00:00:00Z

IT Security Specialist

Cambridge, MA
onsite
Permanent / Full Time
90000 - 110000 USD / Yearly
We are looking for a dedicated IT Security Specialist to join our team in Cambridge, Massachusetts. The ideal candidate will play a key role in maintaining the integrity, confidentiality, and security of data across our systems. This position requires a proactive individual with a strong background in cybersecurity and governance practices. Responsibilities: • Implement and monitor security protocols to ensure the protection of sensitive data and systems. • Conduct regular audits and assessments to identify vulnerabilities and ensure compliance with data privacy regulations. • Develop and enforce security policies and procedures to safeguard computer files and databases. • Collaborate with cross-functional teams to address cybersecurity risks and enhance overall security posture. • Analyze security incidents and provide recommendations for mitigation and prevention. • Manage and maintain secure access controls for databases and information systems. • Provide training and awareness programs to educate staff on cybersecurity best practices. • Stay up-to-date with emerging threats and technologies to continuously improve security measures. • Assist in the development and execution of governance strategies related to cybersecurity. • Prepare detailed reports on security performance and compliance findings for management review.
2026-05-19T00:00:00Z

IT Security Specialist

Jersey City, NJ
remote
Temporary / Contract
79.1635 - 91.663 USD / Hourly
We are looking for an experienced IT Security Specialist to enhance and optimize our organization's security posture. This contract position focuses on strengthening our Microsoft 365 and Defender security settings to ensure robust protection of our digital assets. The ideal candidate will bring expertise in cybersecurity and governance to address key vulnerabilities efficiently. Responsibilities: • Conduct a comprehensive security assessment of Microsoft 365 and Defender environments. • Identify and implement necessary security enhancements, including configuration changes and activation of advanced features. • Collaborate with internal staff to ensure seamless integration of security measures. • Provide expert guidance on data privacy and database security best practices. • Develop and document security protocols and procedures for long-term protection. • Monitor system settings and recommend adjustments to maintain compliance with cybersecurity standards. • Educate team members on cyber governance principles and practices. • Ensure the protection of sensitive computer files and organizational data from potential threats. • Offer post-implementation support to address any issues or provide further optimization.
2026-05-18T00:00:00Z

IT Security Specialist

San Francisco, CA
onsite
Temporary / Contract
50 - 55 USD / Hourly
We are looking for an IT Security Specialist to support daily cybersecurity operations for a growing organization in San Francisco, California. This Long-term Contract position is ideal for a hands-on, detail-oriented security specialist who can independently investigate threats, strengthen vulnerability management practices, and collaborate across IT, compliance, and security teams. The role also contributes to employee security education, asset visibility, and incident documentation while helping maintain a strong operational security posture. This is a contract position and requires 4 days a week onsite in San Francisco. Responsibilities:• Monitor and assess security events generated by detection platforms, investigate suspicious activity, and escalate validated threats as needed.• Perform incident analysis to determine underlying causes, document conclusions, and recommend practical corrective actions.• Review data protection alerts for signs of policy breaches, unauthorized data movement, or insider risk, and coordinate escalation with appropriate stakeholders.• Refine data loss prevention rules and alert logic to improve signal quality while preserving effective monitoring coverage.• Maintain the enterprise asset inventory, verify device classification accuracy, and work with IT teams to address unknown or unmanaged assets.• Run automated penetration testing activities, evaluate attack path results, and partner with technical teams to prioritize and remediate identified weaknesses.• Oversee ongoing vulnerability scanning, interpret findings based on risk and asset importance, and track remediation progress through completion or documented exception.• Deliver security awareness sessions for new hires and support phishing simulation campaigns, including follow-up education for higher-risk user groups.• Coordinate security-related work across IT, compliance, and internal security partners while keeping operational procedures, runbooks, and incident records current.
2026-06-12T00:00:00Z

Risk Analyst

Carrollton, TX
onsite
Permanent / Full Time
0 - 0 USD / Yearly
We are looking for a detail-oriented Risk Analyst to join our team in North Dallas, Texas. This role is vital in ensuring compliance with insurance, bonding, and licensing requirements across various projects. The ideal candidate will excel in analyzing financial data and managing documentation to maintain regulatory standards. Responsibilities:• Ensure compliance with insurance requirements by reviewing contracts and certificates of coverage.• Assess subcontractor insurance and compliance documentation to verify adherence to standards.• Manage commercial insurance compliance, including general liability and casualty coverage.• Coordinate with insurance brokers to obtain certificates, endorsements, and renewal documents.• Assist with bond requests and evaluate contract values to ensure proper coverage.• Oversee licensing applications, renewals, and compliance documentation for business and city requirements.• Process certificate requests by reviewing contracts, assessing subcontractor compliance, and managing related invoices.• Collaborate with divisions, controllers, and project teams to address compliance needs effectively.
2026-06-12T00:00:00Z

Risk Assurance Specialist

Chicago, IL
remote
Temporary to Hire
66.5 - 77 USD / Hourly
We are looking for a Risk Assurance Specialist to support risk, compliance, and assurance activities for a growing organization. This contract opportunity is ideal for a detail-oriented candidate with a strong background in IT risk, internal audit, or compliance who can evaluate exposures, guide remediation efforts, and provide clear reporting to stakeholders. The role will work across control, audit, and risk processes to help strengthen governance practices and improve how issues are identified, tracked, and resolved. Responsibilities: • Assess and document technology and operational risks, then help prioritize response actions based on business impact and residual exposure. • Oversee the lifecycle of findings and corrective actions by coordinating with stakeholders, monitoring progress, and driving timely closure of remediation items. • Maintain and update risk, control, and issue records within governance or risk management platforms to support accurate tracking and reporting. • Analyze results from audits, control reviews, and compliance activities to identify trends, highlight concerns, and recommend practical improvements. • Prepare dashboards, metrics, and status summaries that communicate risk posture and remediation progress to management and governance groups. • Support control and assurance activities by aligning documentation and testing practices with established risk and control frameworks. • Contribute to process enhancements that improve the efficiency and consistency of risk identification, issue intake, and remediation management. • Partner with teams involved in security, audit, and third-party oversight to consolidate findings and strengthen enterprise risk visibility.
2026-06-10T00:00:00Z

Third Party Risk Analyst

Los Angeles, CA
remote
Permanent / Full Time
130000 - 140000 USD / Yearly
Job TitleThird-Party Risk Analyst Company OverviewA leading global professional services organization in the legal and business advisory space, headquartered in Los Angeles, California, is seeking a Third-Party Risk Analyst to join its growing IT Security team. The organization is known for its commitment to protecting sensitive client data and maintaining robust security standards across modern cloud and SaaS environments. With a strong global presence, the firm emphasizes innovation, collaboration, and operational excellence. Role SummaryThe Third-Party Risk Analyst plays a critical role in safeguarding the organization’s ecosystem by evaluating the security posture of external vendors and partners. This role focuses on conducting technical risk assessments across SaaS platforms, cloud environments, and hosted services while ensuring compliance with industry standards and client expectations. Based remotely, this position partners closely with IT security leadership and cross-functional stakeholders to mitigate risk and strengthen third-party security practices. Key Responsibilities<ul><li>Conduct technical security assessments of third-party vendors across SaaS platforms, cloud infrastructure, and hosted services</li><li>Evaluate vendor security controls, including access management, encryption, and data protection practices</li><li>Review vendor documentation such as SOC 2 reports, ISO certifications, and security testing results</li><li>Assess cloud environments (AWS, Azure, GCP) for security configurations, segmentation, and identity controls</li><li>Analyze API security, including authentication methods, data transmission, and vulnerability risks</li><li>Evaluate DevSecOps maturity, including secure development practices and CI/CD pipeline security</li><li>Track and manage vendor risk findings, ensuring remediation efforts are completed in a timely manner</li><li>Support client-facing security activities, including questionnaires, audits, and compliance reviews</li><li>Collaborate with internal stakeholders to align vendor security with regulatory requirements (e.g., GDPR, CCPA)</li><li>Prepare risk reports and present key findings to leadership and cross-functional teams</li></ul>Compensation & Benefits<ul><li>$120,000 – $140,000 with discretionary bonus</li><li>Discretionary bonus eligibility</li><li>Comprehensive benefits package including medical, dental, and vision coverage</li><li>Flexible spending accounts (FSA) and 401(k) with profit sharing</li><li>Paid time off including vacation, sick leave, and personal days</li></ul>Additional Details<ul><li>Remote (must reside in proximity to a supported office region)</li><li>Core hours: 8:00 AM – 4:00 PM PT (7-hour workday)</li><li>Occasional travel may be required for vendor assessments</li><li>Collaborative environment with direct exposure to senior leadership and security stakeholders</li></ul>
2026-06-10T00:00:00Z

Third Party Risk Analyst

Columbus, OH
onsite
Temporary / Contract
28 - 32 USD / Hourly
We are looking for a Third Party Risk Analyst to support vendor risk evaluation activities for a contract position based in Columbus, Ohio. This role focuses on guiding prospective vendors through the assessment process, analyzing inherent and residual risk, and helping the business make informed decisions about third-party engagements. The ideal candidate brings strong analytical judgment, advanced Excel capability, and hands-on experience within third-party risk or enterprise risk management environments. Responsibilities:• Coordinate the onboarding of prospective vendors by initiating and managing third-party risk assessments from intake through completion.• Review vendor information to determine risk exposure levels and assign appropriate ratings based on established assessment criteria.• Perform inherent risk and control evaluations to identify areas requiring deeper review or follow-up analysis.• Escalate higher-risk findings when additional due diligence or supplemental assessments are necessary.• Partner with internal stakeholders to gather documentation, clarify risk factors, and support timely assessment outcomes.• Track assessment progress, organize findings, and maintain clear reporting using Excel and other available tools.• Contribute to gap analysis activities by identifying weaknesses in vendor controls and documenting potential residual risk.• Support enterprise risk management efforts by helping align third-party reviews with broader organizational risk standards.
2026-06-12T00:00:00Z

Enterprise Risk Analyst

Pittsburgh, PA
onsite
Temporary / Contract
0 - 0 USD / Yearly
We are looking for a Risk Analyst to support a banking client in Pittsburgh, PA. This position works closely with multiple business areas to evaluate operational risk, strengthen control practices, and deliver clear reporting for leadership review. The role is well suited for someone with experience in risk, compliance, internal audit, or control assessment who can balance independent analysis with effective cross-functional collaboration. Responsibilities:• Lead and support enterprise risk reviews by gathering information from business teams, evaluating control effectiveness, and documenting inherent and residual risk conclusions.• Oversee elements of end-user computing governance by maintaining supporting standards, advising stakeholders, coordinating training efforts, and validating business unit compliance through review and testing.• Contribute to fraud risk activities, including monitoring relevant issues, supporting investigative processes, and assisting with regulatory reporting when required.• Prepare consolidated risk reporting for management and board-level audiences, including analysis tied to risk appetite measures and review of submissions received from business units.• Partner with operational areas across the bank to identify emerging concerns, assess incidents or control gaps, and recommend practical risk mitigation strategies.• Participate in compliance and control testing activities, record findings accurately, and communicate exceptions or areas for improvement to appropriate stakeholders.• Provide independent second-line review of risk decisions made by the business, offering sound judgment and constructive feedback backed by clear rationale.• Maintain accurate risk assessment data and supporting documentation within designated risk management tools and reporting processes.• Respond to regulatory and internal inquiries by assembling risk-related information and presenting conclusions in a clear, thorough manner.• Deliver responsive support to internal partners by clarifying requirements, guiding completion of risk-related tasks, and promoting consistent risk management practices.
2026-06-11T00:00:00Z

Audit Consultant - Operational Risk

New York, NY
remote
Temporary / Contract
65 - 80 USD / Hourly
Major global bank is looking for an experienced audit consultant who can lead and execute audits, risk assessments, and issue validations surrounding operational risk (non-financial). Candidate must have internal audit experience with a large financial institution.
2026-06-11T00:00:00Z