Third-Party Risk Management (TPRM) Analyst

Job Description

Job Description

Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms.

We are seeking a Third-Party Risk Management Analyst to join our Governance, Risk, and Compliance (GRC) team supporting a defense and aerospace organization. In this role, you will be responsible for evaluating, managing, and mitigating risks associated with third-party vendors, suppliers, and service providers. You will work closely with the Business Units, Procurement, Security, Legal, IT, Supply Chain, and Compliance teams to ensure our third parties comply withNIST SP 800-171, DFARS 252.204-7012, CMMC, and ITAR / EAR obligationsand meet contractual requirements.

This position is ideal for a professional with 3–5 years of experience in third-party risk management, vendor due diligence, or related cybersecurity compliance functions who thrives in a dynamic, mission-driven environment.This role contributes directly to safeguarding sensitive defense data, maintaining compliance across the third-party ecosystem, and strengthening supply chain resilience.

Responsibilities

• Conduct inherent and residual risk assessments of third parties based on data classification, service criticality, geographic exposure, and regulatory obligations.
• Perform due diligence reviews, including security and compliance questionnaires, evidence validation, and documentation of control effectiveness.
• Partner with Business Units, Procurement, Legal, Information Security, and Compliance to ensure timely onboarding, risk evaluation, and remediation tracking to closure and follow-up validation.
• Support continuous monitoring activities, including periodic risk assessments, sanctions screening, and adverse-media reviews across the vendor lifecycle.
• Monitor and analyze third-party performance, incidents, and risk indicators to identify emerging risk and trends.
• Collaborate with cross-functional teams to ensure adherence to defense-specific standards and regulatory frameworks (e.g., NIST SP 800-171, DFARS, CMMC, ITAR).
• Support the design and enhancement of TPRM workflows, including process automation and data-driven risk analytics.
• Assist in developing and maintaining the third-party inventory, ensuring all vendor profiles, tier classifications, and risk ratings are accurately captured, continuously updated, and aligned with program governance requirements.
• Create and maintainexecutive dashboards and risk reports summarizing vendor posture, risk trends, and remediation progress for leadership.
• Assist in regulatory, customer, and internal audits, ensuring third-party documentation and evidence meetdefense-sector and compliance requirements.

Required Qualifications

Preferred Qualifications

Benefits :

Medical Insurance :  Comprehensive health insurance plans covering a range of services

Saronic pays 100% of the premium for employees and 80% for dependents

Dental and Vision Insurance :   Coverage for routine dental check-ups, orthodontics, and vision care

Saronic pays 99% of the premium for employees and 80% for dependents

Time Off :   Generous PTO and Holidays

Parental Leave :  Paid maternity and paternity leave to support new parents

Competitive Salary :  Industry-standard salaries with opportunities for performance-based bonuses

Retirement Plan :  401(k) plan

Stock Options :  Equity options to give employees a stake in the company’s success

Life and Disability Insurance :   Basic life insurance and short- and long-term disability coverage

Additional Perks :   Free lunch benefit and unlimited free drinks and snacks in the office

This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person” : (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in  8 U.S.C. 1324b(a)(3) .

Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.