Sentara Health · 10 hours ago
Third Party Risk (TPRM) Analyst
Sentara Health is a healthcare organization seeking a Third Party Risk Management (TPRM) Analyst responsible for managing risks associated with third-party vendors throughout their lifecycle. The role involves conducting risk assessments, collaborating with legal and procurement teams during contract negotiations, and developing TPRM programs to enhance organizational compliance and risk mitigation strategies.
Hospital & Health Care
Responsibilities
Conduct thorough risk assessments for potential and existing vendors, focusing on various risk types, including cybersecurity, operational, financial, and compliance risks
Utilize and potentially create vendor risk assessment questionnaires to gather detailed information about vendor practices, including data security policies, internal controls, compliance posture, and business continuity plans
Analyze questionnaire responses and other relevant information to identify deficiencies, areas for remediation, and categorize vendors based on risk levels
Engage with stakeholders to communicate assessment results, address security concerns, and collaborate on potential remediation actions
Perform periodic reviews and reassessments of existing vendors to ensure ongoing compliance and address evolving risks
Partner with Legal and Procurement teams during contract negotiations to ensure security, privacy, and other relevant risk clauses are adequately addressed
Provide expert guidance on acceptable and unacceptable contract terms related to risk management, service level agreements (SLAs), and data protection
Work to define and include clear performance standards, due diligence requirements, and exit strategies within contracts
Support the development, maintenance, and enhancement of the organization's Third-Party Risk Management program and framework
Develop and update TPRM procedures to ensure alignment with organizational policies and regulatory requirements
Identify and implement process efficiencies within the TPRM program and perform analyses on team metrics to enhance effectiveness
Build and maintain strong relationships with internal stakeholders across departments such as Legal, Procurement, Information Security, and Business Units
Provide TPRM guidance and training to Vendor Relationship Owners and business partners on risk management practices
Communicate identified risks, assessment results, and mitigation strategies to stakeholders, including senior management, clearly and concisely
Track identified risks associated with third parties and ensure timely reviews are performed
Monitor key supplier performance against established SLAs and regulatory requirements
Track and collaborate with internal partners and vendors to remediate any risk-related issues
Qualification
Required
Bachelor's degree in a relevant field such as Business, Finance, Information Technology, or a related discipline
Experience in lieu of Bachelor's Degree
3 years of relevant experience with a degree
5+ years of relevant experience without a degree
CISA, CRISC, CISM, CISSP, or other relevant certifications
Strong understanding of Third-Party Risk Management (TPRM) principles, concepts, and best practices
Experience in conducting vendor risk assessments and evaluating internal controls
Working knowledge of contract management principles and practices, including contract negotiation and analysis
Excellent communication skills, both written and verbal
Strong analytical, critical thinking, and problem-solving skills
Ability to work collaboratively in a cross-functional environment
Proficiency in Microsoft Office Suite (Excel, PowerPoint, Word)
Preferred
Bachelor's degree in a relevant field such as Business, Finance, Information Technology, or a related discipline
CISA, CRISC, CISM, CISSP, or other relevant certifications
Proficiency in GRC (Governance, Risk, and Compliance) tools like OneTrust, Archer, or ServiceNow
Benefits
Medical, Dental, Vision plans
Adoption, Fertility and Surrogacy Reimbursement up to $10,000
Paid Time Off and Sick Leave
Paid Parental & Family Caregiver Leave
Emergency Backup Care
Long-Term, Short-Term Disability, and Critical Illness plans
Life Insurance
401k/403B with Employer Match
Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education
Student Debt Pay Down – $10,000
Reimbursement for certifications and free access to complete CEUs and professional development
Pet Insurance
Legal Resources Plan
Colleagues may have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria are met
Company
Sentara Health
Sentara Health, an integrated, not-for-profit health care delivery system, celebrates more than 135 years in pursuit of its mission - "we improve health every day." Sentara is one of the largest health systems in the U.S.
H1B Sponsorship
Sentara Health has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (30)
2024 (7)
2023 (1)
Funding
Current Stage
Late Stage
Recent News
2025-09-17
The Virginian-Pilot
2025-07-24
Company data provided by crunchbase