×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

3rd Party Cyber Risk Analyst

Job in Birmingham, Jefferson County, Alabama, 35275, USA
Listing for: Protective Life Corporation
Full Time position
Listed on 2025-12-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 68500 - 80000 USD Yearly USD 68500.00 80000.00 YEAR
Job Description & How to Apply Below

The work we do has an impact on millions of lives, and you can be a part of it.

We help protect our customers against life’s uncertainties. Regardless of where you work within the company, you’ll be helping provide protection and peace of mind when our customers need it most.

The Third-Party Cyber Risk Analyst will support the organization’s third and fourth-party cyber risk management program, helping to ensure that security and regulatory compliance meet the company’s risk standards.

In this role, the analyst works closely within internal teams and external vendors to monitor, assess, and help mitigate cyber risks associated with vendor relationships. Responsibilities include assisting with risk assessments, tracking remediation efforts, reporting key metrics to leadership, and contributing to a culture of continuous improvement and security awareness.

Key Responsibilities:
  • Support the execution, documentation, and tracking of third-party risk assessments; this includes collecting and reviewing formal and informal security documentation from vendors.
  • Responsible for on/off-boarding vendors into the process, tool, and document repository.
  • Applying a shift-left mentality in every vendor lifecycle stage to foster a security and continuous improvement mindset.
  • Monitor the status and maintenance of 3rd-party security reports with controls, risk registers, and remediation activities.
  • Prepare and update basic reports and summaries for management on vendor risk status and compliance activities.
  • Execute and influence positive process changes and test new capabilities in the cyber risk tool.
  • Participate in the collection of evidence and documentation for audits and regulatory reviews.
  • Stay informed about changes in cybersecurity regulations (ie. NYDFS 500) and best practices; escrow relevant updates to senior team members.
  • Escalate issues or risks to senior analysts or management as needed.
  • Participate in security awareness activities, such as training sessions and phishing simulations.
Qualifications:
  • 1-2 years’ experience, internship, or coursework in IT security, risk management, compliance, and audit.
  • Understanding of third-party/vendor risk management processes and core risk management terminology.
  • Exposure to audit processes or evidence collection for compliance reviews.
  • Analytical mindset with attention to detail and a willingness to learn new concepts.
  • Project, organizational, and content management skills; ability to manage multiple tasks and deadlines.
  • Effective written and verbal communication skills; able to collaborate with technical and non-technical stakeholders.
  • Ability to prepare and present clear, concise reports and summaries.
  • Awareness of key security and compliance frameworks (e.g., SOC 2, NIST, ISO 27001, PCI, HIPAA, HITRUST, SOX).
  • Basic knowledge of state and federal cybersecurity regulations and standards.
  • Willingness to pursue industry certifications.
Preferred:
  • Experience with Microsoft Office Suite; familiarity with tools such as SharePoint, Power BI, Service Now, UpGuard, or Archer are a plus.
  • General understanding of IT concepts, including cloud services (IaaS, SaaS, PaaS), network security, and endpoint security.
  • A bachelor's degree in computer science, information technology, or a related field.
  • Achieved relevant security certifications are a plus, such as:
  • Certified Information Security Auditor (CISA)
  • Certified in Risk Information Systems Controls (CRISC)
  • GIAC Security Essentials or Professional Certification (GSEC/GISP)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Cloud Security Professional (CCSP)
  • Certified Insurance Data Security Professional (CIDSP)
  • CompTIA Security+

$68,500 - $80,000 a year

Protective’s targeted salary range for this position is $68,500 to $80,000. Actual salaries may vary depending on factors, including but not limited to, job location, skills, and experience. The range listed is just one component of Protective’s total compensation package for employees.

Employee Benefits:

We aim to protect the wellbeing of our employees and their families with a broad benefits offering. In addition to offering comprehensive…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search