Experience leveraging AI, predictive analytics, or automation in vendor management * Familiarity with third-party risk management frameworks (TPRM) * Experience with IT financial management ...
Experience leveraging AI, predictive analytics, or automation in vendor management * Familiarity with third-party risk management frameworks (TPRM) * Experience with IT financial management ...
Configure and implement SAP GRC Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management * Support SAP GRC ...
Configure and implement SAP GRC Access Control capabilities, including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management * Support SAP GRC ...
... with third-party relationships and provides risk-based recommendations that enable informed ... analyzing adverse media and ownership information, documenting and communicating risk ...
... with third-party relationships and provides risk-based recommendations that enable informed ... analyzing adverse media and ownership information, documenting and communicating risk ...
... with third-party vendor risk management program. * Other duties, as assigned, are based on the ... Demonstrate good critical thinking, analytical, and critical thinking skills, and ability to share ...
Quick apply
... with third-party vendor risk management program. * Other duties, as assigned, are based on the ... Demonstrate good critical thinking, analytical, and critical thinking skills, and ability to share ...
... with third-party vendor risk management program. * Other duties, as assigned, are based on the ... Demonstrate good critical thinking, analytical, and critical thinking skills, and ability to share ...
... with third-party vendor risk management program. * Other duties, as assigned, are based on the ... Demonstrate good critical thinking, analytical, and critical thinking skills, and ability to share ...
Cybersecurity Professional
Raleigh, NC · On-site
... and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc ... analysis. • Multi-task and manage demands of multiple projects, incidents, and tasks. • Meet ...
Cybersecurity Professional
Raleigh, NC · On-site
... and third-party cybersecurity risk. Examine audit reports (e.g., SOC 1, SOC 2, ISO 27001, etc ... analysis. • Multi-task and manage demands of multiple projects, incidents, and tasks. • Meet ...
Incorporate third party and delegated entity risk into the broader ERM framework and reporting ... Analyze qualitative and quantitative risk data (e.g., incidents, claims trends, KRIs) to identify ...
Incorporate third party and delegated entity risk into the broader ERM framework and reporting ... Analyze qualitative and quantitative risk data (e.g., incidents, claims trends, KRIs) to identify ...
Incorporate third party and delegated entity risk into the broader ERM framework and reporting ... Analyze qualitative and quantitative risk data (e.g., incidents, claims trends, KRIs) to identify ...
Incorporate third party and delegated entity risk into the broader ERM framework and reporting ... Analyze qualitative and quantitative risk data (e.g., incidents, claims trends, KRIs) to identify ...
Cybersecurity Professional
Raleigh, NC · On-site
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g ... Malware analysis. * Multi-task and manage demands of multiple projects, incidents, and tasks.
Cybersecurity Professional
Raleigh, NC · On-site
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g ... Malware analysis. * Multi-task and manage demands of multiple projects, incidents, and tasks.
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g ... Malware analysis. * Multi-task and manage demands of multiple projects, incidents, and tasks.
Supports assessment of internal and third-party cybersecurity risk. Examine audit reports (e.g ... Malware analysis. * Multi-task and manage demands of multiple projects, incidents, and tasks.
GRC Business Analyst
Durham, NC · On-site
1.7+ years as Business Analyst in GRC, IT governance, and risk management (FFIEC, ITIL, COBIT, IAM, MFA). 2.Certifications: CISA, CRISC, CISSP. 3.Process Design: Skilled in process diagrams and ...
Quick apply
GRC Business Analyst
Durham, NC · On-site
1.7+ years as Business Analyst in GRC, IT governance, and risk management (FFIEC, ITIL, COBIT, IAM, MFA). 2.Certifications: CISA, CRISC, CISSP. 3.Process Design: Skilled in process diagrams and ...
Set firm aligned compliance requirements across audit methodology, SDLC, privacy, cybersecurity, third party risk, AI/GenAI, and data management lifecycle. Shape how risk and compliance are embedded ...
Set firm aligned compliance requirements across audit methodology, SDLC, privacy, cybersecurity, third party risk, AI/GenAI, and data management lifecycle. Shape how risk and compliance are embedded ...
Cyber - SAP Security and GRC Access & Process Control Consultant / Security Engineer II
Raleigh, NC · On-site
Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0. * Develop security solutions for custom transactions, tables, programs ...
Cyber - SAP Security and GRC Access & Process Control Consultant / Security Engineer II
Raleigh, NC · On-site
Analyze segregation of duties risks, support ruleset updates, and perform user- and role-level risk assessments in SAP GRC 12.0. * Develop security solutions for custom transactions, tables, programs ...
Utilize third party system to review social media for compliance with FINRA & ACA Foreside policies ... ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We ...
Utilize third party system to review social media for compliance with FINRA & ACA Foreside policies ... ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We ...
The individual will use data analysis techniques to detect and prevent first and third-party debit ... RESPONSIBILITIES Subject matter expertise for card-based risk and fraud prevention- related ...
The individual will use data analysis techniques to detect and prevent first and third-party debit ... RESPONSIBILITIES Subject matter expertise for card-based risk and fraud prevention- related ...
Credit/Reconciliation Analyst
Raleigh, NC · On-site
... analyzing credit histories and financial statements, and establishing customer credit limits ... Registration of All Third-Party Billing Systems: * Review documentation for set up and attend ...
Credit/Reconciliation Analyst
Raleigh, NC · On-site
... analyzing credit histories and financial statements, and establishing customer credit limits ... Registration of All Third-Party Billing Systems: * Review documentation for set up and attend ...
Safety and Risk Manager
Louisburg, NC · On-site
$72K - $75K/yr
Serves as the liaison with Third Party Administrators (TPA) for public liability claims. Serves as ... Analytical ability and inductive thinking to adapt policies, procedures and methods for emergency ...
Safety and Risk Manager
Louisburg, NC · On-site
$72K - $75K/yr
Serves as the liaison with Third Party Administrators (TPA) for public liability claims. Serves as ... Analytical ability and inductive thinking to adapt policies, procedures and methods for emergency ...
Head of Technology Risk, Governance, and Controls
$220K - $350K/yr
Hands-on experience with GRC platforms (e.g., ServiceNow GRC, Archer, or equivalent) to ... Experience assessing third-party, vendor, and cloud-dependency technology risk, including ...
Head of Technology Risk, Governance, and Controls
$220K - $350K/yr
Hands-on experience with GRC platforms (e.g., ServiceNow GRC, Archer, or equivalent) to ... Experience assessing third-party, vendor, and cloud-dependency technology risk, including ...
Safety and Risk Manager
$72K - $75K/yr
Serves as the liaison with Third Party Administrators (TPA) for public liability claims. Serves as ... Analytical ability and inductive thinking to adapt policies, procedures and methods for emergency ...
Safety and Risk Manager
$72K - $75K/yr
Serves as the liaison with Third Party Administrators (TPA) for public liability claims. Serves as ... Analytical ability and inductive thinking to adapt policies, procedures and methods for emergency ...
Head of Technology Risk, Governance, and Controls
$220K - $350K/yr
Hands-on experience with GRC platforms (e.g., ServiceNow GRC, Archer, or equivalent) to ... Experience assessing third-party, vendor, and cloud-dependency technology risk, including ...
Head of Technology Risk, Governance, and Controls
$220K - $350K/yr
Hands-on experience with GRC platforms (e.g., ServiceNow GRC, Archer, or equivalent) to ... Experience assessing third-party, vendor, and cloud-dependency technology risk, including ...
Grc Third Party Risk Analyst information
See Raleigh, NC salary details
$43.3K - $50.3K
9% of jobs
$56.5K is the 25th percentile. Wages below this are outliers.
$50.3K - $57.4K
18% of jobs
$57.4K - $64.5K
0% of jobs
$64.5K - $71.5K
6% of jobs
$71.5K - $78.6K
2% of jobs
$78.6K - $85.7K
4% of jobs
$85.7K - $92.7K
2% of jobs
The median wage is $93.8K / yr.
$92.7K - $99.8K
52% of jobs
$99.8K - $106.9K
6% of jobs
$106.9K - $114K
0% of jobs
$114K - $121K
0% of jobs
$43.3K
$84.3K
$121K
How much do grc third party risk analyst jobs pay per year?
What are some typical challenges a GRC Third Party Risk Analyst may encounter when assessing vendors?
What are the key skills and qualifications needed to thrive as a GRC Third Party Risk Analyst, and why are they important?
What is a GRC Third Party Risk Analyst?
What is the difference between Grc Third Party Risk Analyst vs Grc Vendor Risk Analyst?
| Aspect | Grc Third Party Risk Analyst | Grc Vendor Risk Analyst |
|---|---|---|
| Certifications | Certifications like CRISC, CISA often preferred | Same certifications commonly required |
| Work Environment | Focuses on third-party relationships and risk assessments | Primarily evaluates vendor-specific risks and compliance |
| Industry Usage | Used across finance, healthcare, and tech sectors | Commonly found in industries with extensive vendor networks |
The Grc Third Party Risk Analyst and Grc Vendor Risk Analyst roles overlap significantly in certifications and work environment. The main difference lies in scope: the Third Party Risk Analyst assesses overall third-party relationships, while the Vendor Risk Analyst concentrates specifically on individual vendors. Both roles are vital for managing third-party risks in various industries.
Other
Posted 5 days ago
Deloitte rating
8.1
Based on 90 frontline employees who took The Breakroom Quiz
59th of 148 rated financial services
Job description
Overview
Deloitte Technology US (DT-US), an internal enterprise technology organization within Deloitte, is seeking a Senior Manager to lead the Vendor Management Office (VMO). This role serves as a strategic leader responsible for defining and executing the enterprise vendor management strategy across Deloitte's technology ecosystem.
You will lead a high-performing VMO function that drives vendor governance, financial optimization, performance management, and risk alignment across a complex portfolio of strategic technology partners. This role operates at the intersection of technology, finance, procurement, and risk, ensuring Deloitte maximizes value from its vendor investments while enabling innovation, scalability, and operational excellence.
As a VMO leader, you will shape the future of vendor management through ServiceNow-enabled automation, AI-driven insights, and continuous capability evolution, aligning vendor strategy with enterprise priorities.
Recruiting for this role ends on September 30, 2026
Work You'll Do
- Lead the enterprise vendor management strategy across DT-US.
- Establish and evolve governance frameworks, operating models, policies, and standards across the vendor lifecycle.
- Advise the CIO, COO, and senior business leaders on vendor strategy, selection, and portfolio governance.
- Drive alignment across U.S. and Global VMO priorities and strategies.
- Build, lead, and develop a multidisciplinary VMO team spanning vendor governance, performance, financial management, and risk.
- Oversee end-to-end vendor lifecycle management, from onboarding through renewal or exit, while ensuring alignment with architecture, security, compliance, and risk requirements.
- Lead vendor portfolio strategy through major transformation efforts, including large-scale technology initiatives, mergers and acquisitions, and divestitures.
- Own vendor performance and financial management, including SLA/SLO alignment, KPI tracking, executive reporting, budgeting, forecasting, cost optimization, and issue remediation.
- Lead the enterprise VMO technology roadmap in ServiceNow, including Supplier Lifecycle Operations and Contract Management Pro, to advance automation, standardization, analytics, and AI-enabled capabilities.
- Own the third-party risk framework and partner across Procurement, Finance, Legal, Cyber, Risk, and Technology to strengthen vendor governance, manage risk, and inform long-term investment decisions.
A successful candidate would possess these skills:
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to mentor and provide clear guidance to others
Qualifications Required
- Bachelor's degree
- 10+ years of experience in IT vendor management, supplier governance, strategic sourcing, or enterprise technology operations
- 2+ years experience leading or transforming a Vendor Management Office or similar governance function in addition to working on the budgeting, forecasting and cost optimizations of VMOs
- 8+ years vendor lifecycle management, performance governance, and financial management
- 1+ years recently working with ServiceNow Supplier Lifecycle Operations (SLO) and Contract Management Pro as core VMO platform modules
- Bachelor's degree in Business, Finance, Information Systems, or equivalent
- Limited immigration sponsorship may be available
- Ability to travel 0-10%, on average, based on the work you do; this role is predominantly remote with the option to work from home or a nearby Deloitte office
Preferred
- Proven ability to lead teams and influence senior stakeholders
- Strong strategic, analytical, and problem-solving skills
- Executive communication and presentation skills
- Experience in large-scale enterprise IT environments
- Experience leveraging AI, predictive analytics, or automation in vendor management
- Familiarity with third-party risk management frameworks (TPRM)
- Experience with IT financial management, chargeback/showback models
- Experience developing vendor market intelligence and benchmarking
- MBA or equivalent graduate degree
Why Join DT-US?
DT-US powers the technology ecosystem behind Deloitte's U.S. businesses. You will join a forward-looking organization focused on innovation, operational excellence, and scalable governance models that enable enterprise transformation.
This is an opportunity to lead and shape a critical enterprise capability, driving measurable impact across vendor strategy, financial performance, and technology delivery.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $113,100 to $208,300.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
EA_ExpHire
#LH-1
EA_ITS_ExpHire
Qualifications:Overview
Deloitte Technology US (DT-US), an internal enterprise technology organization within Deloitte, is seeking a Senior Manager to lead the Vendor Management Office (VMO). This role serves as a strategic leader responsible for defining and executing the enterprise vendor management strategy across Deloitte's technology ecosystem.
You will lead a high-performing VMO function that drives vendor governance, financial optimization, performance management, and risk alignment across a complex portfolio of strategic technology partners. This role operates at the intersection of technology, finance, procurement, and risk, ensuring Deloitte maximizes value from its vendor investments while enabling innovation, scalability, and operational excellence.
As a VMO leader, you will shape the future of vendor management through ServiceNow-enabled automation, AI-driven insights, and continuous capability evolution, aligning vendor strategy with enterprise priorities.
Recruiting for this role ends on September 30, 2026
Work You'll Do
- Lead the enterprise vendor management strategy across DT-US.
- Establish and evolve governance frameworks, operating models, policies, and standards across the vendor lifecycle.
- Advise the CIO, COO, and senior business leaders on vendor strategy, selection, and portfolio governance.
- Drive alignment across U.S. and Global VMO priorities and strategies.
- Build, lead, and develop a multidisciplinary VMO team spanning vendor governance, performance, financial management, and risk.
- Oversee end-to-end vendor lifecycle management, from onboarding through renewal or exit, while ensuring alignment with architecture, security, compliance, and risk requirements.
- Lead vendor portfolio strategy through major transformation efforts, including large-scale technology initiatives, mergers and acquisitions, and divestitures.
- Own vendor performance and financial management, including SLA/SLO alignment, KPI tracking, executive reporting, budgeting, forecasting, cost optimization, and issue remediation.
- Lead the enterprise VMO technology roadmap in ServiceNow, including Supplier Lifecycle Operations and Contract Management Pro, to advance automation, standardization, analytics, and AI-enabled capabilities.
- Own the third-party risk framework and partner across Procurement, Finance, Legal, Cyber, Risk, and Technology to strengthen vendor governance, manage risk, and inform long-term investment decisions.
A successful candidate would possess these skills:
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to mentor and provide clear guidance to others
Qualifications Required
- Bachelor's degree
- 10+ years of experience in IT vendor management, supplier governance, strategic sourcing, or enterprise technology operations
- 2+ years experience leading or transforming a Vendor Management Office or similar governance function in addition to working on the budgeting, forecasting and cost optimizations of VMOs
- 8+ years vendor lifecycle management, performance governance, and financial management
- 1+ years recently working with ServiceNow Supplier Lifecycle Operations (SLO) and Contract Management Pro as core VMO platform modules
- Bachelor's degree in Business, Finance, Information Systems, or equivalent
- Limited immigration sponsorship may be available
- Ability to travel 0-10%, on average, based on the work you do; this role is predominantly remote with the option to work from home or a nearby Deloitte office
Preferred
- Proven ability to lead teams and influence senior stakeholders
- Strong strategic, analytical, and problem-solving skills
- Executive communication and presentation skills
- Experience in large-scale enterprise IT environments
- Experience leveraging AI, predictive analytics, or automation in vendor management
- Familiarity with third-party risk management frameworks (TPRM)
- Experience with IT financial management, chargeback/showback models
- Experience developing vendor market intelligence and benchmarking
- MBA or equivalent graduate degree
Why Join DT-US?
DT-US powers the technology ecosystem behind Deloitte's U.S. businesses. You will join a forward-looking organization focused on innovation, operational excellence, and scalable governance models that enable enterprise transformation.
This is an opportunity to lead and shape a critical enterprise capability, driving measurable impact across vendor strategy, financial performance, and technology delivery.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $113,100 to $208,300.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
EA_ExpHire
#LH-1
EA_ITS_ExpHire
Education:Bachelor's DegreeEmployment Type: