InformationSecurityThird-PartyRiskAnalyst

At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One. ## **_Job Description_** ## __This position is not eligible for visa sponsorship.__ **Location expectations:** This role requires working from a U.S. Bank location three (3) or more days per week. US Bank is seeking an Information Security Third-Party Risk Analyst to join our Information Security organization, supporting third-party risk management and vendor security oversight. This role is responsible for evaluating and managing information security risk across external vendors, ensuring appropriate controls are in place, and driving remediation of identified risks. This person will perform hands-on third-party security risk assessments, analyze vendor controls and security posture, and partner with internal stakeholders and external vendors to reduce risk exposure. They will play a key role in identifying control gaps, tracking remediation, supporting contract security reviews, and contributing to ongoing risk monitoring, reporting, and audit activities. ### **Responsibilities:** * Perform information security risk assessments on third-party vendors (new and existing) * Review and analyze vendor security questionnaires, control responses, and supporting documentation * Identify security gaps, control deficiencies, and non-compliance issues * Document and track risk findings and remediation efforts through resolution * Evaluate vendor remediation plans and compensating controls * Partner with business stakeholders and third parties