1

Third Party Cybersecurity Risk Jobs in Michigan (NOW HIRING)

Evaluate and manage third-party vendor security risks, conduct security assessments and ensure ... focus on risk-based remediation. * U.S. Citizen or U.S. Permanent Resident allowing for ...

Evaluate and manage third-party vendor security risks, conduct security assessments and ensure ... focus on risk-based remediation. * U.S. Citizen or U.S. Permanent Resident allowing for ...

Evaluate and manage third-party vendor security risks, conduct security assessments and ensure ... focus on risk-based remediation. * U.S. Citizen or U.S. Permanent Resident allowing for ...

Evaluate and manage third-party vendor security risks, conduct security assessments and ensure ... focus on risk-based remediation. * U.S. Citizen or U.S. Permanent Resident allowing for ...

... in cybersecurity. Join our team to deliver powerful solutions that help clients navigate an ... Security Operations, Third-Party Risk Management, and ServiceNow AI Control Tower use cases

... in cybersecurity. Join our team to deliver powerful solutions that help clients navigate an ... Third-Party Risk Management, and ServiceNow AI Control Tower use cases * Supporting functional ...

next page

Showing results 1-20

Third Party Cybersecurity Risk information

How much does a third party risk analyst make?

A third party risk analyst typically earns between $70,000 and $110,000 annually, depending on experience, location, and industry. Professionals in cybersecurity risk management often hold certifications like CISSP or CRISC, which can influence salary levels.

Is third party risk management a good career?

Third Party Cybersecurity Risk management is a growing field that involves assessing and mitigating risks from external vendors and partners. It requires knowledge of cybersecurity principles, risk assessment tools, and often certifications like CISSP or CISM. The role offers opportunities in various industries with increasing demand due to the importance of supply chain security.

What is third-party risk management in cybersecurity?

Third-party risk management in cybersecurity involves identifying, assessing, and mitigating risks posed by external vendors, suppliers, or partners that have access to an organization’s systems or data. For cybersecurity professionals, this includes evaluating third-party security controls, conducting audits, and ensuring compliance with standards like ISO 27001 or NIST frameworks to reduce potential vulnerabilities. Effective management helps prevent data breaches and maintains the organization’s security posture.

What is the difference between Third Party Cybersecurity Risk vs Cybersecurity Analyst?

AspectThird Party Cybersecurity RiskCybersecurity Analyst
CertificationsISO 27001, CISSP, CISACISSP, CompTIA Security+, CEH
Work EnvironmentVendor assessments, risk management teams, client organizationsSecurity operations centers, IT departments, consulting firms
Industry UsageSupply chain, vendor management, complianceNetwork security, incident response, vulnerability assessment

Third Party Cybersecurity Risk professionals focus on evaluating and managing risks from external vendors and partners, ensuring compliance and reducing supply chain vulnerabilities. Cybersecurity Analysts primarily monitor, analyze, and respond to security threats within an organization’s own systems. While both roles require security certifications and involve risk assessment, their focus areas and work environments differ significantly.

Can you make $500,000 a year in cyber security?

Third Party Cybersecurity Risk professionals can potentially earn $500,000 annually, especially at senior levels or in executive roles such as Chief Information Security Officer (CISO). Achieving this salary typically requires extensive experience, advanced certifications like CISSP or CISM, and leadership responsibilities overseeing large security programs. Compensation varies based on industry, company size, location, and individual expertise.
What job categories do people searching Third Party Cybersecurity Risk jobs in Michigan look for? The top searched job categories for Third Party Cybersecurity Risk jobs in Michigan are:
What cities in Michigan are hiring for Third Party Cybersecurity Risk jobs? Cities in Michigan with the most Third Party Cybersecurity Risk job openings:
Infographic showing various Third Party Cybersecurity Risk job openings in Michigan as of July 2026, with employment types broken down into 90% Full Time, 7% Part Time, and 3% Contract. Highlights an 79% Physical, 5% Hybrid, and 16% Remote job distribution.
IT GRC Program Administrator II

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 19 days ago


United Wholesale Mortgage rating

7.8

Company rating: 7.8 out of 10

Based on 96 frontline employees who took The Breakroom Quiz

98th of 148 rated financial services


Job description

As an IT GRC Program Administrator II at United Wholesale Mortgage, your role involves leading information security initiatives to minimize risk and maximize compliance. Responsibilities will include assessments, management of audit fulfillment and risk remediation, as well as governance of business data and records. You will also play a pivotal role in key programs like Business Continuity/Disaster Recovery, IT Risk Management, Third Party Risk Management, Data Governance, and Security Awareness.

Your function extends to monitoring adherence to security controls and compliance standards, spearheading specific initiatives, and nurturing an environment of security awareness through coaching. All planning, coordination, and execution of work assignments will align with the priorities established by the Information Security Team Lead.


  • Maintaining and enhancing corporate policies in line with industry standards and corporate needs.
  • Ensuring effective communication and comprehension of policy obligations across various stakeholders through multiple channels.
  • Regularly reviewing, updating, and modifying policies to align with organizational changes.
  • Improving and managing the implementation of metrics for GRC activities to monitor compliance adherence, risk treatment, and improvement projects.
  • Regularly reporting these metrics and progress to various audiences, including senior leadership.
  • Managing and optimizing a risk register that encapsulates all risks affecting the business and facilitating the gathering and tracking of these risks.
  • Continually refining our approach to risk evaluation and ensuring a common risk communication language across the organization.
  • Regularly monitoring and reassessing organizational risks, adjusting the organization's stance based on in-place controls.
  • Managing and enhancing our third-party risk management program, including refining evaluation criteria, expected evidence, reevaluation timeframe, and remediation processes.
  • Regularly evaluating new and existing vendors based on their criticality to the business and integrating third-party evaluations into workflows.
  • Identifying third-party issues and tracking them till remediation or business acceptance, and effectively managing third-party offboarding obligations.
  • Enhancing data standards, processes, and procedures to ensure data integrity and compliance, conducting regular audits for data accuracy, completeness, and reliability.
  • Collaborating with stakeholders to understand and document data privacy requirements and assisting with the development of data security models and design.
  • Collaborating with IT and business teams to develop a robust IT risk management framework, regularly reviewing and updating this framework in line with emerging trends, threats, and industry best practices such as ISO 27001, NIST, or COSO.
  • Implementing, managing, and enhancing comprehensive GRC frameworks and toolsets, ensuring they align with organizational needs.
  • Supporting incident management activities in accordance with established frameworks, including incident identification, assessment, tracking, and resolution.
  • Developing and delivering GRC-related training to enhance the organization's understanding of concepts related to compliance, risk, and cybersecurity
  • Facilitating internal and external due diligence requests in accordance with various regulatory agencies and managing the implementation of audit recommendations.
  • Collaborating with legal and regulatory bodies to ensure the organization's cybersecurity program is compliant with all relevant laws, regulations, and industry-standard frameworks.
  • Managing the organization's business continuity planning and disaster recovery efforts in line with accepted frameworks, ensuring plans are regularly updated and tested.
  • Driving the integration of GRC principles and frameworks into the organization's culture and daily activities.
  • Regularly reporting on the status of GRC activities to Senior Leadership and other stakeholders, providing insight into the organization's risk posture, compliance status, and governance effectiveness per established frameworks.
  • Developing and maintaining relationships with external vendors, partners, regulators, and industry bodies to keep abreast of developments in the GRC field, including emerging frameworks and best practices.

Must Have:

  • Bachelor's Degree in Information Technology, Information Security or equivalent, with preferred certifications in CISA, CISSP, CISM, GSEC, BCP, CGRC, or other relevant information security.
  • 2-4 years of experience in IT compliance, risk management, cybersecurity policy analysis, and audit-related work.
  • Proficiency in managing system development processes, end-user computing controls, cloud systems, infrastructure management, and information security practices.
  • Knowledge of security/compliance standards such as CIS, NIST, GDPR, GLBA, CCPA, 23 NYCRR 500, IRS 1075, HIPAA.
  • Excellent communication skills, able to articulate complex concepts effectively.
  • Strong analytical and critical thinking skills.
  • Self-directed, capable of independent work and managing multiple concurrent projects.
  • Keen technology learner with demonstrated ability for identifying potential process improvement opportunities.
  • Onsite presence required.

Ready to join thousands of talented team members who are making the dream of home ownership possible for more Americans? It’s all happening on UWM’s campus, where our award-winning workplace packs plenty of perks and amenities that keep the atmosphere buzzing with energy and excitement.

It’s no wonder that out of our six pillars, People Are Our Greatest Asset is number one. It’s at the very heart of how we treat each other, our clients and our community. Whether it’s providing elite client service or continuously striving to improve, our pillars provide a pathway to a more successful personal and professional life.

From the team member that holds a door open to the one that helps guide your career, you’ll feel the encouragement and support on day one. No matter your race, creed, gender, age, sexual orientation and ethnicity, you’ll be welcomed here. Accepted here. And empowered to Be You Here.

More reasons you’ll love working here include:

  • Paid Time Off (PTO) after just 30 days
  • Additional parental and maternity leave benefits after 12 months
  • Adoption reimbursement program
  • Paid volunteer hours
  • Paid training and career development
  • Medical, dental, vision and life insurance
  • 401k with employer match
  • Mortgage discount and area business discounts
  • Free membership to our large, state-of-the-art fitness center, including exercise classes such as yoga and Zumba, various sports leagues and a full-size basketball court
  • Wellness area, including an in-house primary-care physician’s office, full-time massage therapist and hair salon
  • Gourmet cafeteria featuring homemade breakfast and lunch
  • Convenience store featuring healthy grab-and-go snacks
  • In-house Starbucks and Dunkin
  • Indoor/outdoor café with Wi-Fi

All the above duties and responsibilities are essential job functions subject to reasonable accommodation and change. All job requirements listed indicate the minimum level of knowledge, skills and/or ability deemed necessary to perform the job proficiently. Team members may be required to perform other or different job-related duties as requested by their team lead, subject to reasonable accommodation. This document does not create an employment contract, implied or otherwise. Employment with UWM is "at-will." UWM is an Equal Opportunity Employer. By selecting Apply for this job online you provide consent to UWM to record phone call conversations between you and UWM to be used for quality control purposes.

What United Wholesale Mortgage employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom