1

Contract Risk Jobs in California (NOW HIRING)

Establish the program's strategic and contract risk management approach, including defining risk assessment requirements, mitigation planning, and tracking effectiveness. * Schedule and conduct risk ...

Establish the program's strategic and contract risk management approach, including defining risk assessment requirements, mitigation planning, and tracking effectiveness. * Schedule and conduct risk ...

Establish the program's strategic and contract risk management approach, including defining risk assessment requirements, mitigation planning, and tracking effectiveness. * Schedule and conduct risk ...

Contract Manager

Concord, CA · On-site

$120K - $140K/yr

Contracts & Risk Manager Heavy Civil Construction | Bay Area, CA | $120K to $140K + Discretionary Bonus An established, well capitalized heavy civil contractor in the East Bay is hiring a Contracts ...

Senior Contracts Manager

Long Beach, CA · On-site

$130K - $200K/yr

You'll have the opportunity to shape contract strategy, influence business decisions, mitigate risk, and create best practices that support continued growth and operational excellence. At our Long ...

Senior Contracts Manager

Long Beach, CA · Hybrid

$130K - $200K/yr

You'll have the opportunity to shape contract strategy, influence business decisions, mitigate risk, and create best practices that support continued growth and operational excellence. At our Long ...

Senior Contracts Manager

Long Beach, CA · Hybrid

$130K - $200K/yr

You'll have the opportunity to shape contract strategy, influence business decisions, mitigate risk, and create best practices that support continued growth and operational excellence. At our Long ...

Risk Manager

El Monte, CA · On-site

$97K - $114K/yr

This role is exclusively assigned to the potential contract and plays a crucial role in mitigating risk exposure, supporting safe operations, and driving continuous improvement in loss prevention ...

Risk Manager

El Monte, CA · On-site

$97K - $114K/yr

This role is exclusively assigned to the potential contract and plays a crucial role in mitigating risk exposure, supporting safe operations, and driving continuous improvement in loss prevention ...

This role is exclusively assigned to the potential contract and plays a crucial role in mitigating risk exposure, supporting safe operations, and driving continuous improvement in loss prevention ...

Risk Manager

El Monte, CA · On-site

$97K - $114K/yr

This role is exclusively assigned to the potential contract and plays a crucial role in mitigating risk exposure, supporting safe operations, and driving continuous improvement in loss prevention ...

next page

Showing results 1-20

Contract Risk information

What are some common challenges faced by professionals in Contract Risk roles, and how can they be addressed?

Professionals in Contract Risk roles often encounter challenges such as navigating ambiguous contract language, managing tight deadlines for risk assessments, and ensuring coordination between legal, compliance, and business teams. Addressing these challenges typically involves developing strong communication skills, utilizing risk management tools, and staying updated on regulatory changes. Building collaborative relationships across departments and participating in ongoing training can also help contract risk professionals effectively mitigate risks and add value to their organizations.

What is the difference between Contract Risk vs Contract Administrator?

AspectContract RiskContract Administrator
Primary FocusIdentifying and mitigating contractual risksManaging contract documentation and execution
Required CredentialsLegal or risk management background, certifications in risk managementLegal, administrative, or contract management experience
Work EnvironmentRisk departments, legal teams, project managementContract departments, procurement, project teams

Contract Risk professionals focus on analyzing and reducing contractual risks before and during contract execution, often working closely with legal and risk management teams. Contract Administrators handle the day-to-day management of contracts, ensuring compliance, documentation, and timely execution. While both roles require understanding contracts, Contract Risk emphasizes risk mitigation strategies, whereas Contract Administrators focus on contract administration and operational tasks.

What are the key skills and qualifications needed to thrive as a Contract Risk professional, and why are they important?

To thrive as a Contract Risk professional, you need strong knowledge of contract law, risk assessment, and compliance, usually supported by a degree in law, business, or a related field. Familiarity with contract management software, risk analysis tools, and regulatory frameworks is essential. Exceptional attention to detail, negotiation skills, and the ability to communicate complex concepts clearly are vital soft skills. These competencies help ensure that organizations identify, mitigate, and manage contractual risks effectively, protecting their interests and maintaining regulatory compliance.

What is contract risk?

Contract risk refers to the potential for financial loss, legal exposure, or operational issues arising from the terms, execution, or management of contracts between parties. This can include risks such as non-performance, ambiguous clauses, regulatory non-compliance, and disputes over contract obligations. Identifying and managing contract risk is essential for organizations to safeguard their interests and ensure smooth business operations. Contract risk professionals assess agreements for potential pitfalls and develop strategies to minimize or mitigate these risks.
What are the most commonly searched types of Risk jobs in California? The most popular types of Risk jobs in California are:
What cities in California are hiring for Contract Risk jobs? Cities in California with the most Contract Risk job openings:
Infographic showing various Contract Risk job openings in California as of July 2026, with employment types broken down into 1% As Needed, 65% Full Time, 18% Part Time, 2% Temporary, and 14% Contract. Highlights an 81% Physical, 2% Hybrid, and 17% Remote job distribution.
Sr. Cyber Governance, Risk & Compliance Analyst

Sr. Cyber Governance, Risk & Compliance Analyst

Vuori, Inc

Carlsbad, CA

Full-time

Medical, Retirement, PTO

Posted 23 days ago


Vuori rating

7.6

Company rating: 7.6 out of 10

Based on 15 frontline employees who took The Breakroom Quiz


Job description

Company Description

Vuori is re-defining what athletic apparel looks like: built to move and sweat in but designed with a casual aesthetic to transition into everyday life. We draw inspiration from an active coastal California lifestyle; an integration of fitness, creative expression and life. Our high energy fast paced retail environment is reflected in the clothes we make. We aim to inspire others to take on all aspects of their lives with clarity, enthusiasm and purpose…while having a lot of fun along the way. We are proud to be an outlet for opportunity and for personal growth and success.

Job Description

The Senior Cyber Governance, Risk & Compliance Analyst is a senior level security professional whose primary responsibility is to design, operate, and continuously mature the organization’s Third‑Party / Vendor Risk Management (TPRM) program. In this role, the analyst serves as an embedded risk partner to the business, driving consistent, high‑quality vendor risk outcomes across the full third‑party lifecycle. 

While TPRM is the core focus of this role, the analyst is also expected to contribute meaningfully across other Information Security and Privacy domains as needed, including privacy operations, cyber governance, risk and compliance (GRC), and security operations. This role is ideal for a practitioner who enjoys vendor risk but is comfortable flexing across adjacent security functions in a fast-moving environment. 

What you'll get to do: 

Third‑Party / Vendor Risk Management (Primary Focus) 

  • Design, implement, operate, and continuously mature the Third‑Party Risk Management program, evolving it from a reactive, compliance driven function into a proactive, risk-based capability. 
  • Execute and oversee the full third-party risk lifecycle, including onboarding, inherent and residual risk assessments, due diligence, periodic reviews, contract risk review, issue management, remediation tracking, and ongoing monitoring. 
  • Perform deep technical security and risk assessments of third parties, including cloud services, SaaS platforms, infrastructure providers, and technology vendors. 
  • Review and interpret security assurance artifacts such as SOC 2 Type II reports, penetration test reports, CAIQ, SIG, ISO certifications, and other compliance attestations. 
  • Evaluate complex vendor solutions, including API integrations with critical internal systems, cloud native architectures (AWS, Azure, GCP), and AI/ML platforms. 
  • Assess and manages emerging third-party risks, including artificial intelligence risks such as data provenance, model integrity, data leakage, and secure handling of proprietary or regulated data. 
  • Lead end-to-end issue and remediation management, ensuring accountability, effectiveness, and timely closure of identified control gaps. 
  • Develop and maintain TPRM standards, playbooks, governance models, escalation paths, and operating procedures aligned with regulatory expectations and business needs. 
  • Build and deliver meaningful reporting, dashboards, and metrics that provide leadership with clear visibility into third-party risk posture, trends, and decision points. 

Privacy & Data Protection (Primary Focus) 

  • Support privacy operations, including Data Subject Requests (DSRs), Data Protection Impact Assessments (DPIAs), and data mapping initiatives. 
  • Partner with Privacy and Legal stakeholders to assess vendor and internal data processing risks and ensure appropriate safeguards are in place. 
  • Contribute to privacy related risk assessments, controls validation, and remediation tracking as needed. 

Cyber Governance, Risk & Compliance (Supporting Responsibility) 

  • Support cyber GRC activities, including tracking information security risks, risk exceptions, and remediation plans. 
  • Assist with the implementation and ongoing operation of security and risk management frameworks (e.g., NIST, ISO, SOC 2). 
  • Contribute to audit and assurance activities by providing risk assessments, evidence, and clear articulation of control posture. 

Security Operations & Enablement (Supporting Responsibility) 

  • Provide support to information security operations as needed, including incident response activities, impact analysis, and post incident follow‑up. 
  • Contribute to security awareness and training initiatives, helping translate risk themes into actionable guidance for the business. 
  • Assist with cross functional security initiatives during periods of increased demand or emerging risk. 

Business Partnership & Advisory 

  • Serve as a trusted risk advisor to vendor relationship owners and senior stakeholders, reducing their operational burden while preserving clear risk ownership and accountability. 
  • Partner closely with Legal, Compliance, Procurement, Technology, and Security teams to synthesize requirements and deliver practical, risk‑appropriate solutions. 
  • Review vendor contracts and summarize risk‑relevant provisions, control obligations, and gaps, partnering with Legal to support risk‑informed contract decisions. 
  • Escalate material risks, delays, or control gaps thoughtfully and early, framing issues in clear business terms and presenting well‑defined options for decision‑making. 
Qualifications

Who you are: 

  • 7+ years of progressive experience in Information Security, Third‑Party Risk Management, Vendor Risk Management, GRC, or Operational Risk. 
  • Demonstrated experience owning, building, or leading a Third‑Party / Vendor Risk Management program. 
  • Bachelor's degree in information security, Computer Science, Business Administration, or a related field or equivalent practical experience. 
  • Strong experience conducting security risk assessments, assurance reviews, audits, and remediation management. 
  • Deep technical understanding of cloud, SaaS, infrastructure, and AI vendor risk. 
  • Hands on experience reviewing SOC 2, ISO 27001, penetration test reports, CAIQ, SIG, and similar security documentation. 
  • Strong written and verbal communication skills, with the ability to translate technical risk into a clear business context for diverse audiences, including senior leadership. 
  • Proven ability to work autonomously, manage competing priorities, and drive outcomes in a fast paced environment. 

Additional Information

Our investment in you:

At Vuori, we’re proud to offer the following to our employees: 

  • Health Insurance 
  • Savings and Retirement Plan  
  • Employee Assistance Program 
  • Generous Vuori Discount & Industry Perks 
  • Paid Time Off  
  • Wellness & Fitness benefits  

The salary range for this role is $117,000 per year - $151,000 per year. This role is bonus eligible. 

Vuori is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.  

All your information will be kept confidential according to EEO guidelines.


What Vuori employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom