Senior Analyst, Third-Party Risk Management jobs in United States
cer-icon
Apply on Employer Site
company-logo

Royal Caribbean Group · 7 hours ago

Senior Analyst, Third-Party Risk Management

positionMiami, FL
timeFull-time
remoteOnsite
seniorityMid, Senior Level
date3+ years exp

Royal Caribbean Group is a vacation-industry leader with global brands, dedicated to providing exceptional experiences for guests. They are seeking a highly skilled Senior Analyst for Third-Party Risk Management to assess, monitor, and mitigate cybersecurity risks associated with third-party vendors, ensuring compliance with security standards and regulatory requirements.

Travel
badNo H1Bnote

Responsibilities

Conduct comprehensive cybersecurity risk assessments for new and existing vendors
Evaluate vendor security posture against industry standards (e.g., NIST, ISO 27001, CIS)
Maintain ongoing monitoring of third-party risks using tools and platforms (e.g., BitSight, OneTrust)
Develop and present risk reports to leadership, highlighting critical findings and remediation plans
Ensure third-party engagements comply with internal security policies and regulatory requirements (e.g. GDPR, HIPAA, PCI DSS)
Collaborate with Legal and Procurement teams to integrate security requirements into contracts and SLAs
Work with vendors to address identified gaps and track remediation progress
Escalate high-risk findings and recommend risk treatment strategies
Support the enhancement of the TPRM program, including process improvements and automation
Assist in developing risk scoring methodologies and vendor tiering models
Partner with internal teams (IT, Compliance, Procurement) to align risk management objectives
Provide guidance and training on third-party risk best practices

Qualification

Cybersecurity risk managementThird-party risk managementRisk assessment methodologiesRelevant certificationsGRCTPRM platformsAnalytical skillsStakeholder managementCommunication skills

Required

Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or related field
3-4 years in cybersecurity risk management, with at least 2 years focused on third-party/vendor risk
Strong understanding of risk assessment methodologies and regulatory frameworks
Proficiency in risk management tools and platforms
Excellent analytical, communication, and stakeholder management skills
Ability to interpret technical security controls and translate them into business risk impact
Strong understanding of information security frameworks (e.g., NIST CSF, ISO 27001)

Preferred

Relevant certifications preferred (e.g., CISSP, CISM, CRISC)
Proficiency in GRC and TPRM platforms (e.g., OneTrust, ServiceNow GRC preferred) and risk assessment tools

Benefits

Competitive compensation and benefits package
Excellent career development opportunities

Company

Royal Caribbean Group

twittertwittertwitter
Glassdoor3.9
company-logo
Royal Caribbean Group is a cruise vacation company with a global fleet of 63 ships traveling around the world.
dateFounded in 2019
location
Miami, Florida, USA
people-size10001+ employees
web-link
https://www.royalcaribbeangroup.com

Funding

Current Stage
Public Company
Total Funding
$15.43B
Key Investors
RCI HoldingsMorgan Stanley
2025-09-22Post Ipo Debt· $1.5B
2025-05-14Post Ipo Debt· $2.28B
2024-09-16Post Ipo Debt· $1.5B

Leadership Team

leader-logo
Jason Liberty
Chairman and Chief Executive Officer
linkedin
leader-logo
Matt Denesuk
SVP, Chief AI Officer
linkedin

Recent News

PR Newswire
ROYAL CARIBBEAN GROUP NAMED TO THE FORTUNE WORLD'S MOST ADMIRED COMPANIES™ 2026 LIST FOR THE FIRST TIME
2026-01-22
PR Newswire
ROYAL CARIBBEAN GROUP INTRODUCES 'POINTS CHOICE,' SETTING A NEW STANDARD IN TRAVEL LOYALTY
2026-01-16
Morningstar.com
ROYAL CARIBBEAN GROUP TO HOLD CONFERENCE CALL ON FOURTH QUARTER AND FULL YEAR 2025 EARNINGS
2026-01-16
Company data provided by crunchbase