ZipRecruiter

Log In

1

Third Party Risk Management Jobs in Kentucky (NOW HIRING)

Papa John's

Senior Manager GRC

Louisville, KY · On-site

Establishing and leading the third-party risk management program, including vendor tiering and assessments * Coordinating regulatory and audit engagements (internal and external) * Partnering across ...

Deloitte

Senior Consultant - ServiceNow

Louisville, KY · Remote

... Third-Party Risk Management, and ServiceNow AI Control Tower use cases * Supporting functional design and configuration of ServiceNow solutions, including forms, workflows, notifications, service ...

Deloitte

Cyber Manager - ServiceNow

Louisville, KY · On-site

$106.50K - $143.90K/yr

... Asset Management, and Third-Party Risk Management workstreams in partnership with architects and product owners • Managing stakeholder engagement and executive communications; facilitating ...

Deloitte

Cyber Manager - ServiceNow

Louisville, KY · On-site +1

$106.70K - $144.10K/yr

... Management, and Third-Party Risk Management workstreams in partnership with architects and product owners * Managing stakeholder engagement and executive communications; facilitating decisions ...

Schulte

Risk Management Specialist

Louisville, KY · On-site

Schulte Hospitality Group is a leading third-party management company with deep, multi-generational ... Maintain input and data quality of risk management systems. * Identify and analyze areas of ...

Banterra Bank

Information Security Specialist

Paducah, KY · On-site

$21.35 - $26.69/hr

Support various organizational projects by advising on information security and risk management related matters, with emphasis on third party risk management. * Participate in and perform access and ...

Banterra Corp.

Information Security Specialist

Paducah, KY · Hybrid

$21.35 - $26.69/hr

Support various organizational projects by advising on information security and risk management related matters, with emphasis on third party risk management. * Participate in and perform access and ...

Korbel

$41.75 - $55.75/hr

Support our IT risk management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated. Raise awareness within the organization of IT governance, ...

next page

Showing results 1-20

People also search for

All JobsThird Party Risk Management JobsThird Party Risk Management Jobs in Kentucky

Third Party Risk Management information

See Kentucky salary details

$44.7K

$96.9K

$147.6K

How much do third party risk management jobs pay per year?

As of May 28, 2026, the average yearly pay for third party risk management in Kentucky is $96,889.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,200.00 and $112,000.00 per year, depending on experience, location, and employer.

What is a Third Party Risk Management job?

A Third Party Risk Management (TPRM) job involves assessing, monitoring, and mitigating risks associated with an organization's external vendors, suppliers, and service providers. Professionals in this role evaluate third parties for compliance, cybersecurity vulnerabilities, financial stability, and operational risks. They develop frameworks, conduct risk assessments, and ensure that vendors meet regulatory and organizational standards. TPRM specialists collaborate with internal teams like compliance, procurement, and IT security to protect the organization's interests. Their goal is to minimize potential disruptions, data breaches, or regulatory non-compliance stemming from third-party relationships.

What are the key skills and qualifications needed to thrive in the Third Party Risk Management position, and why are they important?

To thrive in Third Party Risk Management, you need a strong understanding of risk assessment, compliance regulations, vendor management, and data analysis, typically supported by a bachelor's degree in business, finance, or a related field. Familiarity with risk assessment tools, third-party risk management platforms (such as Archer or ProcessUnity), and certifications like Certified Third Party Risk Professional (CTPRP) are common in this field. Exceptional communication, negotiation, and analytical-thinking skills are crucial soft skills for engaging vendors and stakeholders effectively. These abilities ensure comprehensive risk mitigation and help organizations maintain compliance and security while building strong external partnerships.

What are some common challenges faced in a Third Party Risk Management role, and how are they addressed?

One of the primary challenges in Third Party Risk Management is keeping up with evolving regulatory requirements and the diverse risk profiles of different vendors. Professionals in this role often encounter situations where they must coordinate risk assessments across multiple departments and ensure timely responses from both internal teams and external partners. To address these challenges, strong project management skills, proactive communication, and the use of dedicated risk management tools are essential. Many organizations also emphasize ongoing training and cross-functional collaboration to stay ahead of emerging risks and regulatory changes.
More about Third Party Risk Management jobs
What are the most commonly searched types of Third Party Risk Management jobs in Kentucky? The most popular types of Third Party Risk Management jobs in Kentucky are:
What are popular job titles related to Third Party Risk Management jobs in Kentucky? For Third Party Risk Management jobs in Kentucky, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Management jobs in Kentucky look for? The top searched job categories for Third Party Risk Management jobs in Kentucky are:
Third Party Risk Management jobs near you
Infographic showing various Third Party Risk Management job openings in Kentucky as of May 2026, with employment types broken down into 95% Full Time, and 5% Contract. Highlights an 89% In-person, and 11% Hybrid job distribution, with an average salary of $96,889 per year, or $46.6 per hour.
Senior Manager GRC

Senior Manager GRC

Papa John's

Louisville, KY • On-site

Full-time

Posted 23 days ago

Papa John's rating

4.8

Company rating: 4.8 out of 10

Based on 727 frontline employees who took The Breakroom Quiz

20th of 22 rated food delivery companies

Job description

What's Unique About You Is What Makes Us Better! Diversity is our strength and competitive advantage. Bring your flavor to the Papa John's team today!
Position Overview
Papa Johns is seeking a Senior Manager, Governance, Risk & Compliance to establish and operate the cybersecurity governance and risk control plane across the enterprise. This role is responsible for enabling risk-informed decision making, clear accountability, and consistent control governance across business, IT, cloud, and third-party environments. The ideal candidate will bring strong judgment, the ability to operate across organizational boundaries, and experience building and scaling GRC capabilities in complex environments.
Responsibilities
The primary responsibilities of this role include:
  • Establishing and operating the enterprise cybersecurity risk management program, including risk identification, prioritization, and tracking
  • Defining and enforcing risk acceptance, escalation, and accountability frameworks
  • Developing executive and board-level risk reporting aligned to business impact
  • Defining and governing cybersecurity policies, standards, and control frameworks aligned to industry standard frameworks
  • Ensuring consistent control implementation and enforcement across IT, cloud, and business environments
  • Leading exception management processes to ensure risk is explicitly understood and accepted at the right levels
  • Establishing and leading the third-party risk management program, including vendor tiering and assessments
  • Coordinating regulatory and audit engagements (internal and external)
  • Partnering across Security, IT, Legal, Compliance, and Procurement (among others as relevant) to align risk and control expectations
  • Establishing and governing the cybersecurity awareness and training program, ensuring it is aligned to enterprise risk and tailored user roles
  • Overseeing control validation, testing, and assurance activities
  • Ensuring governance of vulnerability management, logging, and detection capabilities
  • Driving continuous improvement through risk insights, incident learnings, and control effectiveness reviews
  • Managing and optimizing budget and resources to support governance, risk, and compliance capabilities

Qualifications
The successful candidate will possess the following:
  • 6-10+ years of experience in cybersecurity risk management
  • Proven leadership experience in building, scaling, and maturing teams and operating models
  • Strong understanding of cybersecurity control frameworks
  • Demonstrated ability to translate technical risk into business impact and action
  • Experience building or maturing GRC programs in complex organizations
  • Strong judgment in prioritization, tradeoff decisions, and stakeholder alignment
  • Experience supporting or leading SOX ITGC and/or application control environments in a complex organization
  • Experience establishing or evolving security awareness and behavior change programs
  • Excellent communication skills and ability to influence across technical and business stakeholders
  • Experience working with third-party risk, audit, and compliance functions

Day in the Life
This role is less about managing a checklist and more about orchestrating how the organization understands and acts on risk.
A typical day may include:
  • Reviewing the enterprise risk register, identifying where risks are aging, stuck, or no longer aligned to business priorities
  • Coaching and developing team members and leaders, ensuring clarity in priorities, accountability, and execution
  • Meeting with Security and IT leaders to challenge and refine risk prioritization, ensuring the highest-impact issues are being addressed first
  • Partnering with a business or product team to translate a technical control gap into business impact, helping them understand tradeoffs and required actions
  • Working through a risk acceptance decision, ensuring the right level of leadership is engaged and the decision is documented and understood
  • Aligning with Procurement and Legal on a high-risk third-party engagement, ensuring appropriate controls and risk mitigation strategies are in place
  • Coordinating with vulnerability management, detection, or testing teams to ensure findings are being tracked, prioritized, and driven to resolution
  • Preparing or refining executive-level reporting, focusing on what has improved, what remains at risk, and where decisions are needed
  • Resolving cross-team friction where ownership, accountability, or priorities are unclear, bringing structure and clarity to move work forward

Work Environment
This is a leadership role operating across a complex, cross-functional environment. Success requires the ability to influence without authority, bring clarity to ambiguity, and align diverse stakeholders toward common risk outcomes.
Our Values
  • EVERYONE BELONGS - We believe connectedness and belonging are the essential ingredients to our success.
  • DO THE RIGHT THING -We are relentlessly focused on quality and integrity and make the right choices, even when it's difficult.
  • PEOPLE FIRST - To craft positive experiences for our customers, we take care of each other first.
  • INNOVATE TO WIN - We champion and challenge for a better way in all we do.
  • HAVE FUN - We find joy, create meaningful impact and celebrate the journey together

Our Core Competencies
  • EVERYONE BELONGS - We believe connectedness and belonging are the essential ingredients to our success.
  • DO THE RIGHT THING -We are relentlessly focused on quality and integrity and make the right choices, even when it's difficult.
  • PEOPLE FIRST - To craft positive experiences for our customers, we take care of each other first.
  • INNOVATE TO WIN - We champion and challenge for a better way in all we do.
  • HAVE FUN - We find joy, create meaningful impact and celebrate the journey together

Papa Johns is an equal opportunity employer.
Papa Johns is a federal contractor that participates in the E-Verify program to confirm employment eligibility for each new team member. We also comply with all Right to Work requirements. Official E-Verify and Right to Work notices are available for applicants to review in both English and Spanish.
Everybody loves pizza, which means they also love the people who are behind the scenes working to deliver it. This is complex and challenging work - but let's face it - it's also pizza! If you want a fulfilling career with a company that's always moving forward, we're the right place.
Papa John's is a Federal Contract employer who participates in E-Verify to confirm employment eligibility for each new team member. For more information please view the following PDFs: E-Verify Poster (English) - Right to Work Poster (English) - E-Verify Poster (Spanish) - Right to Work Poster (Spanish) Papa John's is an Affirmative Action and Equal Opportunity Employer. For more information please click on the following PDF. See terms & conditions for site use.

What Papa John's employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

Apply