Sr Data Analyst Third Party Risk

Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.

How you can make a difference

We're looking for a highly motivated and analytical Sr Third Party Risk Security Data Analyst to join our team. You'll play a crucial part in assessing, monitoring, and reporting on cybersecurity risks, directly contributing to our organization's overall supply chain security posture. This new role is responsible for collecting and interpreting cybersecurity data to develop performance reports, dashboards, and key metrics (KRIs/KPIs) for stakeholders. This role is responsible for assessing the security program's maturity against frameworks like NIST CSF and ensuring compliance objectives are met. This role requires strong analytical skills and the ability to clearly visualize and communicate cybersecurity risks and mitigation strategies to leadership.

What you'll be doing

Assist in the collection, analysis, and interpretation of data for cybersecurity risk assessments, helping us to surface emerging risks by creating meaningful performance reports.

• Develop, track, and report on key risk indicators (KRIs) and key performance indicators (KPIs) to monitor the effectiveness of our operations partner's security controls and risk mitigation efforts.

• Create and maintain compelling dashboards, reports, and presentations using tools (e.g., Power BI, Tableau, DOMO) and Microsoft Office Suite (Excel, PowerPoint) to clearly visualize and communicate trends and emerging risks to various stakeholders.

• Design new performance reports that demonstrate we're meeting pre-established compliance objectives.

• Support the assessment of our cybersecurity program's maturity against established industry frameworks, particularly NIST Cybersecurity Framework (CSF), and help us map current security controls and practices to relevant security standards (e.g., CIS Controls).

• Contribute to the thorough documentation of risk findings, mitigation strategies, and security policies and procedures.

• Participate in discussions around risk treatment plans, offering sound quantitative data when proposing reasonable and effective solutions.

• Stay informed about the latest cybersecurity threats, vulnerabilities, and industry's best practices.

What you will need to be successful

• Bachelor's degree in mathematics, Finance, Accounting, or similar quantitative discipline.
• 5+ years of experience in cybersecurity, IT risk, data analysis, or a related quantitative role, which could include internships or significant academic projects.
• Deep familiarity with generative AI resources and tools, such as Microsoft Copilot, Meta AI, Gemini and ChatGPT.

• Ability to work with large blocks of unstructured or semi-structured data to match and compare similar datasets.

• Mastery of spreadsheet capabilities such as Pivot Tables, vLookups, Trim, Truncate, Join, etc.

• Understanding of cybersecurity program maturity models and how they depict stages of progression within a security program.

• Familiarity with leading and lagging key risk indicators (KRIs) and key performance indicators (KPIs) within a technical or business context.

• Proficiency with data analysis and visualization tools, specifically Microsoft Power BI and the Microsoft Office Suite (Excel, PowerPoint, Word).

• Familiarity with common cybersecurity frameworks, particularly the NIST Cybersecurity Framework (CSF), and a basic understanding of similar security frameworks (e.g., ISO 27001, CIS Controls).

• Foundational understanding of core cybersecurity concepts including common threats, vulnerabilities, types of security controls, network fundamentals, and operating systems.

• Ability to work independently, manage multiple tasks, and prioritize effectively in a dynamic environment.

• Solid quantitative judgment and intuition when assessing risks and proposing reasonable solution sets.

• Strong verbal and written communication skills, with the ability to articulate complex technical and risk information clearly to both technical and non-technical audiences.
• Eagerness to learn, adapt, and grow within the cybersecurity risk management domain.
• Cybersecurity: CISM, CRISC, CompTIA Security+, CCSP, CISSP
• Microsoft Certified: Power BI Data Analyst Associate, or other relevant security/data analysis certifications.

#LI-Remote

This is a remote position.

The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:

• Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Uncapped paid time off
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education& tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives

HealthEquity has a vision that by2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.

You belong at HealthEquity!

HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity - you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity's applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity uses Microsoft Copilot to transcribe screening interviews between candidates and their direct Talent Partner for note taking and interview summaries. By scheduling a screening interview with us, you consent to Microsoft Copilot's AI technology recording and transcribing your interview with your Talent Partner. This information will be reviewed for accuracy and then used by HealthEquity to summarize the interview, ensure accuracy, and facilitate our hiring process. We take privacy seriously. You have the option to opt out. If you wish to opt out of this Microsoft Copilot transcription, please notify your Talent Partner in advance of the interview. If we do not receive an opt-out request from you, we will assume that you consent to the use of Microsoft Copilot.

At HealthEquity, our goal is to save and improve lives by empowering healthcare consumers. This shared purpose inspires everything we do, including how we approach hiring. Our process is designed to get to know the real you: your skills, experiences, and potential to make a difference. We value honesty, originality, and the courage to do the right thing, even when it is not the easiest path. Showing up as your authentic self reflects these values and helps us build something truly remarkable together.

As AI is becoming a common tool throughout the application process, we want to be clear about its appropriate use at HealthEquity. Using AI to support resume writing, research, or interview preparation is perfectly acceptable, provided the content is accurate and genuinely represents your qualifications and skills. For other key parts of our interview process, however, it is important that the ideas, communication, and work you share reflect your own voice, experiences, and thinking. We ask that you participate in our live interviews and complete any assessments without AI assistance unless instructions explicitly indicate otherwise or a specific exception is discussed and approved in advance. This approach ensures fairness, celebrates your individuality, and allows your authentic perspective to shine. Behaviors that do not align with these guidelines may result in disqualification from the hiring process or termination of employment if later discovered. We appreciate your understanding and look forward to learning about the unique contributions only you can bring to HealthEquity.

HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.