Third Party Risk Manager

About The Position

Requirements

• Bachelor’s Degree
• 5–8+ years of experience in Third Party Risk Management, vendor risk management, operational risk, compliance, risk advisory, or related consulting functions
• One or more of the following certifications required: Certified Third-Party Risk Professional (CTPRP), Certified Vendor Risk Management Professional (CVRMP), Shared Assessments or other vendor risk management certification
• Familiarity with information security and regulatory frameworks such as the Interagency Guidance, NIST, ISO 27001, SOC 2, HIPAA, PCI DSS, HITRUST, or similar standards
• Experience managing teams and personnel within a consulting, advisory, or professional services environment
• Experience managing multiple client engagements and stakeholders in a fast-paced environment
• Strong understanding of third-party risk lifecycle management, including due diligence, risk assessments, ongoing monitoring, issue management, and remediation tracking
• Experience managing multiple projects and teams in a fast-paced consulting environment
• Demonstrated leadership experience overseeing project execution, client relationships, and team performance
• Proven ability to learn new technologies and systems, especially through independent research and self-study
• Strong verbal and written communication skills with the ability to present technical information to both technical and executive audiences
• Ability to manage project schedules, budgets, staffing, and client expectations
• Ability to travel domestically an average of 20%–50% per year

Nice To Haves

• Experience working within a third party program at a financial institution or consulting on third party programs at financial institutions
• Experience with Archer, ProcessUnity, ServiceNow, OneTrust, or other GRC/VRM platforms
• Experience with security ratings platforms and continuous monitoring solutions
• Experience leading teams and mentoring junior professionals in a consulting or advisory environment
• Bilingual capabilities preferred
• Open to remote work arrangements

Responsibilities

• Leading Third Party Risk Management engagements, including third-party assessments, ongoing monitoring activities, and risk evaluation efforts
• Managing and overseeing assessment teams, project timelines, and client deliverables across multiple engagements
• Supporting TPRM program enhancement initiatives, including governance, policy, process, workflow, and operating model improvements, as client needs arise
• Evaluating third-party controls, documentation, and questionnaire responses in accordance with client standards and regulatory expectations
• Identifying third-party risks, gaps, and remediation considerations across information security, compliance, operational, and vendor management domains
• Delivering executive-level reporting, presentations, and recommendations to client leadership
• Managing, mentoring, coaching, and developing consultants and senior consultants across engagements
• Providing performance feedback, engagement oversight, and career development support for team members
• Supporting hiring, onboarding, staffing, and resource planning activities within the practice
• Supporting business development initiatives, client relationship management, and practice growth efforts

Benefits

• Comprehensive total rewards package
• Career Coach guidance