Job Overview

Third Party Risk Management (TPRM) Senior Analyst is responsible for ensuring the organization effectively manages risks associated with third-party vendors and partners throughout the entire third-party lifecycle, including vendor selection, contract negotiation, ongoing monitoring, and termination. This involves not only identifying and evaluating risks but also collaborating with various teams, particularly Legal and Procurement, to embed risk mitigation strategies into contractual agreements. 

Key responsibilities

  • Vendor Risk Assessment (VRA):
    • Conduct thorough risk assessments for potential and existing vendors, focusing on various risk types, including cybersecurity, operational, financial, and compliance risks.
    • Utilize and potentially create vendor risk assessment questionnaires to gather detailed information about vendor practices, including data security policies, internal controls, compliance posture, and business continuity plans.
    • Analyze questionnaire responses and other relevant information to identify deficiencies, areas for remediation, and categorize vendors based on risk levels.
    • Engage with stakeholders to communicate assessment results, address security concerns, and collaborate on potential remediation actions.
    • Perform periodic reviews and reassessments of existing vendors to ensure ongoing compliance and address evolving risks.
  • Contract Negotiation:
    • Partner with Legal and Procurement teams during contract negotiations to ensure security, privacy, and other relevant risk clauses are adequately addressed.
    • Provide expert guidance on acceptable and unacceptable contract terms related to risk management, service level agreements (SLAs), and data protection.
    • Work to define and include clear performance standards, due diligence requirements, and exit strategies within contracts.
  • TPRM program development and maintenance:
    • Support the development, maintenance, and enhancement of the organization's Third-Party Risk Management program and framework.
    • Develop and update TPRM procedures to ensure alignment with organizational policies and regulatory requirements.
    • Identify and implement process efficiencies within the TPRM program and perform analyses on team metrics to enhance effectiveness.
  • Stakeholder collaboration and communication:
    • Build and maintain strong relationships with internal stakeholders across departments such as Legal, Procurement, Information Security, and Business Units.
    • Provide TPRM guidance and training to Vendor Relationship Owners and business partners on risk management practices.
    • Communicate identified risks, assessment results, and mitigation strategies to stakeholders, including senior management, clearly and concisely.
  • Ongoing monitoring and remediation:
    • Track identified risks associated with third parties and ensure timely reviews are performed.
    • Monitor key supplier performance against established SLAs and regulatory requirements.
    • Track and collaborate with internal partners and vendors to remediate any risk-related issues. 

Education

  • Bachelor's degree in a relevant field such as Business, Finance, Information Technology, or a related discipline (Preferred)
  • Experience in lieu of Bachelor's Degree –7+ years of relevant experience without a degree 

Certification/Licensure

  • CISA, CRISC, CISM, CISSP, or other relevant certifications are preferred

Experience

  • 5+ years of relevant experience with a degree 
  • Strong understanding of Third-Party Risk Management (TPRM) principles, concepts, and best practices.
  • Experience in conducting vendor risk assessments and evaluating internal controls, potentially leveraging frameworks like ISO 27001/2, NIST 800-53, NIST CSF, SOC1/SOC2, CSA CCM, and Shared Assessments SIG.
  • Working knowledge of contract management principles and practices, including contract negotiation and analysis.
  • Excellent communication skills, both written and verbal, with the ability to effectively articulate security control requirements, assessment results, and risk considerations to diverse audiences.
  • Strong analytical, critical thinking, and problem-solving skills, with the ability to digest and analyze complex information with attention to detail and accuracy.
  • Ability to work collaboratively in a cross-functional environment and build strong relationships with internal and external partners.
  • Proficiency in Microsoft Office Suite (Excel, PowerPoint, Word) and potentially GRC (Governance, Risk, and Compliance) tools like OneTrust (highly desirable), Archer, or ServiceNow

Keywords: TPRM, Third party Risk assessment

Sentara Health, an integrated, not-for-profit health care delivery system, celebrates more than 135 years in pursuit of its mission – “we improve health every day.” Sentara is one of the largest health systems in the U.S. Mid-Atlantic and Southeast, and among the top 20 largest not-for-profit integrated health systems in the country, with 34,000 employees, 12 hospitals in Virginia and Northeastern North Carolina including 10 hospitals with the prestigious Magnet® recognition, and the Sentara Health Plans division which serves more than 1 million members in Virginia and Florida. Sentara is recognized nationally for clinical quality and safety, and is strategically focused on innovation and creating an extraordinary health care experience for our patients and members. Sentara was named a Health Quality Innovator of the Year (2024), was recognized by Forbes as “America’s Best-In-State Employer” (2024), “Best Employer for Veterans” (2022, 2023), and “Best Employer for Women” (2020), and named to IBM Watson Health’s “Top 15 Health Systems” (2021, 2018).

Learn more

A woman smiling as a healthcare worker helps her with arm exercises in a bright, sunlit room.
A woman smiling as a healthcare worker helps her with arm exercises in a bright, sunlit room.
A woman smiling as a healthcare worker helps her with arm exercises in a bright, sunlit room.

Our Culture

At Sentara, our differences are our strengths. The unique backgrounds, skills, and experiences that each Sentara colleague brings to work make Sentara special and allow us to deliver excellent service and care to our patients, members, and communities.

Our Benefits

We are committed to consistently enhancing our training, advancement tracks, work-life benefits, and more. Our goal is to make you feel more excited to be here every day!

Two female doctors in lab coats smiling and chatting in a hospital hallway.
Two female doctors in lab coats smiling and chatting in a hospital hallway.
Two female doctors in lab coats smiling and chatting in a hospital hallway.
Two nurses in scrubs smiling and chatting during a break, one holding a coffee cup in a bright hospital setting.
Two nurses in scrubs smiling and chatting during a break, one holding a coffee cup in a bright hospital setting.

The Sentara Nursing Experience

Making a meaningful impact on health requires compassion, dedication, continuous learning, teamwork and collaboration. At Sentara, we also recognize that in valuing the professional and personal well-being of our nurses, we build a stronger, more supportive workplace for our nurses. And that’s making us healthier from the inside out. These principles unite our nurses across various roles and locations.

Two nurses in scrubs smiling and chatting during a break, one holding a coffee cup in a bright hospital setting.
Surgical assistant in scrubs and mask operates medical monitor in an operating room with other staff in the background.

The Sentara Clinical Experience

No matter where you choose to join us, in an inpatient or outpatient setting, you will be part of an interdisciplinary Clinical team passionate about quality care and patient safety. You will have access to the tools and technologies you need to succeed and the chance to learn and grow through training and educational programs so you can advance your career as a Clinical professional.

Smiling healthcare worker assists a male patient at a clinic front desk while another nurse works in the background.

The Sentara Support Services Experience

Each day, the Sentara Support Services team helps improve healthcare at more than 300 Virginia and Northeastern North Carolina sites. We perform various patient care activities, provide multiple services, and handle administrative functions that support our patients and their families. These vital functions include assisting the medical team in all aspects of medical care, such as treatments, procedures, and diagnostic and laboratory testing.

Smiling medical professionals in scrubs and a lab coat sitting at a table.

The Medical Group Experience

As part of Sentara Health, Sentara Medical Group providers have diverse opportunities across regions and inpatient and outpatient locations. For those providers based in one of 12 hospitals, we have close working relationships with the administration, ensuring a collegial and collaborative environment where all can come together around shared initiatives.

Guided by a dedicated board of providers, Sentara Medical Group not only offers leadership opportunities for its providers but also underscores the group’s crucial role in fulfilling Sentara’s overarching mission to meet the needs of our diverse patient populations, some of our most vulnerable communities. Our physicians and APPs enjoy opportunities for both personal and professional career growth through a network of resources aimed to cultivate an environment suitable for a lifelong career home.

Your Perspective Matters

Nurses are the heartbeat of our exceptional team. Our approach empowers nurses to actively participate in decision-making. Our nurses have a stake in shaping their workplace as well as their own career growth; one of the benefits of our focus on supporting and valuing team members. This framework encompasses our nursing mission, vision, values, philosophy, and the essential elements of our Professional Practice Model.

This image illustrates the Sentara Nursing Professional Practice Model. Read more about it on The Sentara Nurse Experience page.

Visual representation of the Sentara Nursing Professional Practice Model.

Our Award-Winning Care

Forbes 2024 America's Best-In-State Employers. Powered by Statista
Forbes 2023 The Best Employers for Veterans. Powered by Statista.
Virginia Values Veterans. Official V3 Certified Company
America's Greatest Workplaces for Women 2025. Newsweek. Plant-A Insights Group
2024 Health Quality Innovator of the Year
2024 LGBTQ+ Healthcare Equality High Performer. Human Rights Campaign. Healthcare Equality Index.
Magnet Recognized. American Nurses Credentialing Center.

We Are an Equal Opportunity Employer

Sentara Health is an Equal Opportunity Employer committed to the hiring, advancement, and fair treatment of every individual. Sentara and its affiliates do not discriminate against any individual or group of individuals on the basis of race, color, religion, ancestry, national origin, marital status, age, sex, sexual orientation, gender identity or expression, genetic information, physical or mental disability, pregnancy, medical condition, veteran status or any other legally protected characteristics.

Similar Jobs

Talent Network

Join our talent network to sign up for job alerts and be matched with great opportunities!

Upcoming Events

Explore our Events

We Are an Equal Opportunity Employer

Sentara Health is an Equal Opportunity Employer committed to the hiring, advancement, and fair treatment of every individual. Sentara and its affiliates do not discriminate against any individual or group of individuals on the basis of race, color, religion, ancestry, national origin, marital status, age, sex, sexual orientation, gender identity or expression, genetic information, physical or mental disability, pregnancy, medical condition, veteran status or any other legally protected characteristics.

');