1

Third Party Risk Assessor Jobs (NOW HIRING)

Review completed vendor assessment reports for quality and consistency; ensure TPRM procedures are ... Third Party Risk Management - Demonstrated ability to design, manage, and mature a TPRM program ...

We are seeking a senior third party risk professional who can independently assess complex supplier risks, apply sound judgment, and deliver clear, risk-based recommendations through strong ...

next page

Showing results 1-20

Third Party Risk Assessor information

See salary details

$19

$38

$67

How much do third party risk assessor jobs pay per hour?

As of Jul 9, 2026, the average hourly pay for third party risk assessor in the United States is $38.68, according to ZipRecruiter salary data. Most workers in this role earn between $23.80 and $54.33 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Third Party Risk Assessor, and why are they important?

To thrive as a Third Party Risk Assessor, you need a solid understanding of risk management frameworks, vendor assessment procedures, and regulatory compliance, often supported by a degree in information security, business, or a related field. Familiarity with GRC (Governance, Risk, and Compliance) platforms, risk assessment tools, and industry certifications such as CISA or CRISC is typically required. Strong analytical thinking, attention to detail, and the ability to communicate findings clearly with stakeholders are crucial soft skills. These competencies ensure thorough evaluation of third-party vendors, effective risk mitigation, and compliance with organizational and regulatory standards.

What jobs in the US pay 300,000 a year?

Third Party Risk Assessors typically do not earn $300,000 annually; such high salaries are more common in executive, specialized medical, or senior technology roles. High-paying jobs in risk management or compliance may reach this level with extensive experience, certifications, and leadership responsibilities. Most roles paying this amount require advanced skills, industry expertise, and often a combination of certifications and years of experience.

What is the difference between Third Party Risk Assessor vs Vendor Risk Analyst?

AspectThird Party Risk AssessorVendor Risk Analyst
CertificationsISO 27001, CRISC, CISAISO 27001, CRISC, CISA
Work EnvironmentRisk management teams, compliance departmentsProcurement, compliance, and risk teams
Industry UsageFinancial, healthcare, technologyFinancial, healthcare, technology

The Third Party Risk Assessor and Vendor Risk Analyst roles often share similar certifications and work environments, focusing on evaluating third-party vendors' risks. While the Risk Assessor primarily conducts risk assessments and compliance reviews, the Vendor Risk Analyst may focus more on vendor performance and procurement processes. Both roles are essential in managing third-party relationships and ensuring organizational security and compliance.

What are Third Party Risk Assessors?

Third Party Risk Assessors are professionals responsible for evaluating the risks associated with an organization’s vendors, suppliers, and other external partners. They assess potential threats such as cybersecurity vulnerabilities, compliance issues, financial instability, and operational risks that could impact the business through its third-party relationships. Their work helps ensure that organizations are protected from potential disruptions or breaches originating outside their direct control. By conducting thorough risk assessments, they support informed decision-making and help maintain regulatory compliance.

How much does a third-party risk analyst make?

A third-party risk analyst typically earns between $60,000 and $100,000 annually, depending on experience, certifications, and location. Entry-level positions may start lower, while experienced professionals with specialized skills can earn higher salaries, often with opportunities for bonuses and benefits.

How do you become a risk assessor?

To become a third-party risk assessor, individuals typically need a bachelor's degree in a relevant field such as business, finance, or cybersecurity. Gaining experience in risk management, understanding industry standards, and obtaining certifications like Certified Risk Management Professional (CRMP) or Certified Third Party Risk Professional (CTPRP) can enhance qualifications. Strong analytical skills and familiarity with risk assessment tools are also important for success in this role.

Is third-party risk management a good career?

Third-party risk management is a growing field that involves assessing and mitigating risks associated with external vendors and partners. It requires skills in compliance, cybersecurity, and risk assessment, often supported by certifications like CRISC or CTPRP. The role offers opportunities in various industries and can lead to senior risk management positions.

What are some common challenges faced by Third Party Risk Assessors when evaluating vendors, and how can they be addressed?

Third Party Risk Assessors often encounter challenges such as incomplete vendor documentation, inconsistent risk assessment methodologies across departments, and rapidly changing regulatory requirements. To overcome these, assessors should establish clear communication channels with vendors, utilize standardized assessment frameworks, and stay updated on relevant compliance standards. Collaborating closely with internal stakeholders and leveraging automated risk management tools can also help streamline the evaluation process and ensure thorough risk mitigation.
More about Third Party Risk Assessor jobs
What states have the most Third Party Risk Assessor jobs? States with the most job openings for Third Party Risk Assessor jobs include:
What job categories do people searching Third Party Risk Assessor jobs look for? The top searched job categories for Third Party Risk Assessor jobs are:
Infographic showing various Third Party Risk Assessor job openings in the United States as of July 2026, with employment types broken down into 1% As Needed, 68% Full Time, 5% Part Time, 1% Temporary, 3% Contract, and 22% Nights. Highlights an 89% Physical, 2% Hybrid, and 9% Remote job distribution, with an average salary of $80,460 per year, or $38.7 per hour.
AVP, Third-Party Risk Management

AVP, Third-Party Risk Management

Merrick Bank

South Jordan, UT • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 8 days ago


Job description

Join our team and build your career with momentum as we champion your growth, elevate your ideas and engage you in purpose-driven work that makes a real difference every day.
Who we are
Founded in 1997, Merrick Bank is an FDIC®-insured financial institution headquartered in South Jordan, Utah, with over $10 billion in assets. A wholly owned subsidiary of CardWorks Financial Group, Merrick Bank serves roughly five million cardmembers and more than 100,000 merchant customers nationwide.
What we do
We provide credit cards, recreational loans, deposit accounts, merchant services and bank sponsorships to consumers and businesses. As a leader in non-prime lending and merchant acquiring, we combine innovative technology with data-driven insights to help underserved consumers build and strengthen credit while delivering integrated, scalable payment solutions for businesses.
Merrick Bank ranks among the top 20 FDIC®-insured credit card issuers in the U.S. and among the top 15 merchant acquirers by transaction volume.
The Assistant Vice President, Third-Party Risk Management ("TPRM") is responsible for leading key components of the execution, oversight, and strategic enhancement of Merrick Bank's ("Bank") Third-Party Risk Management Program. This role partners across the first and second lines of defense to ensure risks arising from third-party relationships are effectively identified, assessed, monitored, and reported in alignment with regulatory requirements, internal policies, and the Bank's risk appetite.
The AVP serves as a senior program leader responsible for advancing enterprise TPRM strategy, strengthening risk governance, driving consistent risk practices, and delivering actionable insights to senior management and risk governance committees.
Essential Functions:
  • Lead the execution and ongoing enhancement of the Bank's Third-Party Risk Management framework, ensuring alignment with regulatory expectations and internal governance standards.
  • Oversee risk-based third-party due diligence, risk assessments, and ongoing monitoring activities across the full third-party lifecycle, ensuring consistent, defensible, and risk-informed outcomes.
  • Partner with business units, Vendor Relationship Owners, and Subject Matter Experts to identify, assess, and mitigate risks associated with third-party relationships.
  • Provide senior level review and challenge of third-party risk assessments, ensuring conclusions are evidence-based, appropriately documented, and escalated when risk exposure exceeds defined thresholds.
  • Monitor third-party performance, control effectiveness, and risk indicators, escalating issues, control gaps, and emerging risks in accordance with established governance protocols.
  • Lead the design, development, and maintenance of TPRM policies, procedures, standards, and workflows to support a consistent enterprise-wide operating model.
  • Define and Deliver executive, committee, and Board-level reporting that provides clear visibility into third-party risk exposure, trends, issues, concentrations, and emerging risks.
  • Collaborate with Legal, Procurement, Information Security, Compliance, and business stakeholders to ensure appropriate contract provisions, controls, and risk mitigation strategies are implemented.
  • Lead TPRM responses for regulatory exams, internal audits, and independent reviews, including documentation, analysis, issue remediation, and management responses.
  • Drive the TPRM program maturity roadmap, including process improvements, automation, data quality, GRC optimization, regulatory alignment, and adoption of industry best practices.
  • Leads, develops, and mentors TPRM teams, promoting strong risk culture, accountability, high performance, and continuous improvement.
  • Partner with ERM leadership to establish TPRM priorities, roadmap initiatives, governance routines, and success measures aligned to enterprise risk strategy and business objectives.
  • Identify and escalate third-party concentration risk, critical vendor risk, fourth-party risk, control gaps, and emerging risk themes to appropriate governance forums.
  • Delivers executive, committee, and Board level risk reporting, including dashboards and risk insights that support informed decision making and effective oversight.
  • Owns continuous improvement of TPRM tools, data, workflows, reporting, and GRC system capabilities to improve efficiency, transparency, data integrity, and regulatory readiness.
  • Performs other duties as assigned.

Requirements for Success:
Education & Experience:
  • Bachelor's degree in Risk Management, Finance, Business Administration, Accounting, or a related field required; advanced degree or professional certification, such as CTPRP, CTPRA, CRVPM, CRMA, FRM, CPA, OR CIA preferred.
  • Minimum of 8 years of progressive experience in Third-Party Risk Management, Enterprise Risk Management, Operational Risk, or a related risk discipline within a financial services or regulated environment, including experience leading program initiatives, risk governance routines, and team members

Knowledge, Skills and Capabilities:
  • Strong expertise in enterprise risk reporting, including development of executive and Board level materials, risk dashboards, metrics, and written risk summaries.
  • In-depth knowledge of third-party risk regulatory requirements and industry standards, including full TPRM lifecycle.
  • Demonstrated experience aggregating and synthesizing complex risk information into clear, concise, and decision useful reporting for senior management and Boards.
  • Solid understanding of ERM frameworks, risk governance practices, and regulatory expectations applicable to banking and financial services organizations.
  • Proven ability to work cross functionally, influence stakeholders, and partner effectively with both first and second line teams.
  • Excellent written and verbal communication skills, with a strong attention to detail and the ability to translate technical risk concepts into business focused insights.
  • Experience with ERM systems and risk data repositories (e.g., risk assessment tools, issue management systems, reporting platforms) strongly preferred.

Compliance with Laws & Regulations
  • Responsible for complying with all the Bank's internal control policies and procedures.
  • Responsible for understanding and complying with all laws and regulations to which the Bank is subject.
  • Responsible for communicating problems in operations, noncompliance with the code of conduct, noncompliance with laws and regulations, policy violations, or illegal acts.

#INDHP1
Why join us
We believe in putting people first by supporting our customers, employees and our partners while creating opportunities for everyone to reach their potential. From fostering work-life balance to rewarding good work and innovative ideas, we invest in what matters most, our people.
At Merrick Bank, you'll be part of a collaborative, customer-focused team where you can grow your career while making a meaningful impact.
Our Employee Value Proposition
  • Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
  • Benefits Package -Medical, Dental, and Vision (plus much more)
  • 401(k) Plan with Company Match
  • Short- & Long-Term Disability
  • Wellness Programs
  • Group Life and AD&D Insurance
  • Paid Vacation, Sick Days and bank Holidays
  • Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition

We offer a total rewards package comprised of a competitive base rate of pay, variable pay incentive programs based on the role, and a comprehensive benefit suite. Offered rates of pay are determined based on job-related knowledge, relevant experience, skills, certifications, and geographic location.
We are proud to be an equal opportunity employer. All qualified applicants will receive consideration without regard to age, race, color, sex, or gender identity/expression (including pregnancy, childbirth, transgender status, or sexual orientation), religion or creed, ancestry, citizenship, national origin, disability, military or veteran status, marital status, genetic information, or any other characteristic protected by applicable law.
We do not tolerate discrimination, harassment, or retaliation. Employment decisions are based solely on qualifications, merit, and business needs. Everyone is welcome here, and we hire based on your ability to do the job, not any protected characteristics.
If you need help or reasonable accommodation during the application or hiring process, please let your TA Partner know.