Third Party Risk Management (TPRM) Analyst (Remote)

CrowdStrike Holdings, Inc.$85K — $120K *
US-AnywhereRemote in United States
Business Services
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Security, Business, or a related field; or up to 5 years of relevant experience.
  • Technical focus on third party risk management, vendor risk, or supply chain security.
  • Experience with GRC or TPRM platforms like ServiceNow or OneTrust.
  • Strong understanding of security risk assessment methodologies and control frameworks for third-party environments.
  • Familiarity with regulatory requirements like SOC 1/SOC 2, ISO 27001, and GDPR as they relate to vendor relationships.
  • Experience in reviewing vendor security documents such as SOC reports and penetration test results.

Responsibilities

  • Manage and enhance CrowdStrike's TPRM program and related policies.
  • Conduct security risk assessments of vendors across key domains.
  • Tier and prioritize vendors based on risk, sensitivity, and regulatory requirements.
  • Oversee vendor risk findings and work on timely issue resolution.
  • Monitor the vendor risk landscape for emerging threats and regulatory changes.
  • Create dashboards and reports to track vendor risk and program health.
  • Develop training on TPRM processes for internal stakeholders.

Benefits

  • Market leader in compensation and equity awards
  • Comprehensive physical and mental wellness programs
  • Competitive vacation and holidays
  • Paid parental and adoption leaves
  • Professional development opportunities for all employees
  • Vibrant office culture with world class amenities
  • Great Place to Work Certified™ globally
Full Job Description

About the Role:

CrowdStrike is seeking a Third Party Risk Management (TPRM) Analyst to join our Policy, Risk Management, and Controls team (PCRM). As CrowdStrike's ecosystem of vendors, partners, and suppliers continues to grow, this role will be essential in identifying, assessing, and managing the security risks introduced through third-party relationships. This role offers candidates an opportunity to work in a fast-paced, collaborative environment alongside experienced security professionals, with direct impact on protecting CrowdStrike and its customers from supply chain and vendor-related threats.

Third Party Risk Program Management:  Develop, implement, and maintain CrowdStrike's TPRM policies, standards, and procedures, ensuring alignment with internal security requirements and external regulatory obligations.

Risk Assessment & Due Diligence: Lead security risk assessments of third-party vendors and partners across the full vendor lifecycle, from onboarding through offboarding,  identifying and prioritizing risks based on criticality and data access.

Reporting and Analysis: Generate detailed reports and dashboards to track vendor risk posture, assessment status, remediation progress, and program KPIs for leadership and key stakeholders.

Collaboration and Resolution: Partner with Procurement, Legal, Privacy, IT, and business teams to ensure third-party risks are understood, communicated, and appropriately addressed. Serve as a subject matter expert on vendor security requirements.

Process Optimization: Continuously identify opportunities to streamline and automate TPRM workflows, reduce manual effort, and scale the program to meet CrowdStrike's growth.

What You'll Do:
  • Manage and mature CrowdStrike's Third Party Risk Management program, including policies, standards, procedures, and assessment methodologies.

  • Conduct security risk assessments of third-party vendors, evaluating controls across domains such as data security, access management, incident response, business continuity, and compliance.

  • Tier and prioritize vendors based on risk factors including data sensitivity, operational dependency, and regulatory scope.

  • Manage vendor risk findings, remediation plans, and exceptions, working with vendors and internal stakeholders to resolve issues in a timely manner.

  • Monitor the third-party risk landscape, including emerging threats, regulatory changes, and vendor security incidents, and communicate relevant updates to stakeholders.

  • Develop and maintain TPRM dashboards and reporting to provide visibility into vendor risk posture and program health.

  • Develop and deliver training and communications to internal stakeholders on TPRM processes, requirements, and responsibilities.

  • Identify opportunities to automate and optimize TPRM workflows, leveraging GRC tooling and integrations to improve efficiency and scalability.

  • Proactively identify gaps in the TPRM program and lead efforts to address and remediate them.

  • Perform other duties within the scope of Third Party Risk Management and broader Cyber GRC.

What You’ll Need:
  • Bachelor's degree in Computer Science, Information Security, Business, or a related field; or a up to 5 years of experience.

  • Technical focus on third party risk management, vendor risk, supply chain security, or related disciplines.

  • Experience with GRC or TPRM platforms such as ServiceNow, OneTrust, ProcessUnity, or similar tools.

  • Strong understanding of security risk assessment methodologies and control frameworks applicable to third-party environments.

  • Familiarity with regulatory requirements and frameworks such as SOC 1/SOC 2, ISO 27001/27002, NIST 800-53, CSA-CCM, GDPR, and PCI-DSS as they apply to vendor relationships.

  • Experience with reviewing vendor security documentation, including SOC reports, penetration test results, and questionnaire responses.

  • Proven experience utilizing AI technologies to enhance decision-making, streamline workflows and processes, improve efficiency and drive business outcomes.

Certifications (Preferred): 

  • CISSP, CISM, CRISC, or equivalent security certifications.

  • Certifications specific to third party risk such as CTPRP (Certified Third Party Risk Professional) are a plus.

Soft Skills:

  • Ability to think strategically about supply chain and vendor risks and connect them to CrowdStrike's broader risk posture.

  • Strong analytical and problem-solving skills to evaluate vendor controls, identify gaps, and prioritize remediation.

  • Excellent communication skills with the ability to convey technical risk findings to non-technical stakeholders, including executives and procurement teams.

  • Proven ability to build and maintain relationships with external vendors and internal cross-functional partners.

  • Leadership skills to drive vendor risk assessments, manage remediation efforts, and influence stakeholders without direct authority.

Program and Project Management:

  • Experience managing risk programs or projects, including scoping, stakeholder coordination, and tracking deliverables against timelines.

Bonus Points:

  • Experience with continuous monitoring solutions for third-party risk (e.g., BitSight, SecurityScorecard).

  • Familiarity with CrowdStrike products, services, or the broader cybersecurity industry.

  • Practical experience in software development or secure coding practices, particularly as they relate to supply chain security (e.g., SBOM, open source risk).

#LI-CS1

#LI-Remote

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs 

  • Competitive vacation and holidays for recharge  

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $85,000 - $120,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please . 

Expected Close Date of Job Posting is:07-14-2026

About CrowdStrike Holdings, Inc.

CrowdStrike Holdings, Inc. Careers

Joining CrowdStrike Holdings, Inc. presents an unparalleled opportunity to advance a career in the tech industry with a company at the forefront of digital security. As a leader in cybersecurity solutions, CrowdStrike Holdings, Inc. offers a range of job opportunities that cater to a variety of skills and experiences, from entry-level positions to senior leadership roles.

Explore Job Opportunities

CrowdStrike Holdings, Inc. is continuously seeking talented individuals who are passionate about protecting organizations against cyber threats. With a commitment to innovation and excellence, the company is hiring professionals who are eager to contribute to a team that values hard work and creative solutions.

Innovation and Professional Growth

At CrowdStrike Holdings, Inc., employees are encouraged to push the boundaries of technology and leadership. The company supports professional growth through robust training programs, including leadership development and diversity training, ensuring that every team member has the resources to thrive in their career.

Culture and Benefits

The culture at CrowdStrike Holdings, Inc. is dynamic and inclusive, fostering a workplace where diversity is celebrated and every voice is heard. Employees enjoy comprehensive benefits that support both their professional and personal lives, enhancing job satisfaction and team morale.

Internship Programs

For those starting their career, CrowdStrike Holdings, Inc. offers internship programs that provide a rich learning environment. Interns gain hands-on experience, working alongside seasoned professionals and participating in projects that deliver real-world solutions.

Networking and Career Advancement

CrowdStrike Holdings, Inc. emphasizes the importance of networking within the industry, offering numerous opportunities for employees to connect with thought leaders and innovators. These connections can lead to career advancement and a deeper understanding of the cybersecurity landscape.

Applying for a Position

To apply for a position at CrowdStrike Holdings, Inc., candidates should prepare a resume that highlights relevant experience and skills. The interview process is designed to assess not only professional qualifications but also a candidate's fit within the company culture and team.

Stay Connected with CrowdStrike Careers

Interested candidates can stay informed about new openings and company news by subscribing to job alert emails. This personalized service ensures that potential applicants are the first to know about new opportunities that match their career interests and skills.

Join the Team

CrowdStrike Holdings, Inc. is looking for curious, creative, and solution-driven team players. Explore the employment opportunities on the CrowdStrike Holdings, Inc. careers page to find a position that matches your skills and passions.

SEARCH CROWDSTRIKE JOBS

Keep Up to Date

Stay ahead with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the professionals who work at CrowdStrike Holdings, Inc.

READ CAREERS BLOG

Job Alert Emails

Customize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences. Discover the exciting and rewarding career opportunities waiting at CrowdStrike Holdings, Inc.
Learn more about CrowdStrike Holdings, Inc.

Similar Jobs

More Jobs at CrowdStrike Holdings, Inc.

  • Private Wealth Advisor
    $87K — $123K *
    Seattle, WA 98115 (King County)
    Finance & Insurance
    In-Person
  • Retirement Plan Advisor
    $79K — $112K *
    Springfield, MA 01109 (Hampden County)
    Finance & Insurance
    In-Person
  • Financial Planner
    $87K — $123K *
    New York City, NY 10025 (New York County)
    Finance & Insurance
    In-Person
  • Welocalize, Inc.
    Quality Analytics Lead
    $100K — $130K *
    Portland, OR 97229 (Washington County)
    Technical Services
    In-Person
  • Electrical Engineer Substation Lead
    $116K — $145K *
    Binghamton, NY 13905 (Broome County)
    Energy & Utilities
    In-Person

More Business Services Jobs

Find similar Third Party Risk Management (TPRM) Analyst (Remote) jobs: