Third Party Risk Management Jobs in Raleigh, NC (NOW HIRING)

Experience with project risk management, including failure mode effect analysis and planning Experience implementing solutions utilizing third party vendors and third party products. Project ...

Work requires a minimum of five years of progressively responsible experience in third-party insurance, risk financing or captive insurance management. Prior experience must include contract and ...


vCISO

Raleigh, NC · Remote

$120K - $140K/yr

Establish and guide vendor risk and third-party risk programs * Deliver regular executive reporting ... Deep expertise in risk management, compliance, and security frameworks * Strong ability to ...

Risk Management: Identify and assess security and compliance risks, and develop automated ... Vendor and Third-Party Security: Evaluate the security posture of third-party vendors and partners ...

Experience with supply chain security, SBOM, and third-party risk management. * Expertise in securing enterprise web applications and familiarity with OWASP Top 10, CVSS, CWE, and SANS-25.

... of C&W's 3rd party spend. Business Influence * Communicates supply category preferred supplier ... Risk Management * Identify and mitigate risks within the IT supply chain, including cybersecurity ...

Third Party Risk Management information

$45.5K

$98.6K

$150.3K

How much do third party risk management jobs pay per year?

As of Jun 27, 2026, the average yearly pay for third party risk management in Raleigh, NC is $98,623.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,600.00 and $114,000.00 per year, depending on experience, location, and employer.

What is a Third Party Risk Management job?

A Third Party Risk Management (TPRM) job involves assessing, monitoring, and mitigating risks associated with an organization's external vendors, suppliers, and service providers. Professionals in this role evaluate third parties for compliance, cybersecurity vulnerabilities, financial stability, and operational risks. They develop frameworks, conduct risk assessments, and ensure that vendors meet regulatory and organizational standards. TPRM specialists collaborate with internal teams like compliance, procurement, and IT security to protect the organization's interests. Their goal is to minimize potential disruptions, data breaches, or regulatory non-compliance stemming from third-party relationships.

What is the highest paying risk management job?

The highest paying risk management roles are often senior positions such as Chief Risk Officer (CRO) or Director of Risk Management, with salaries exceeding $150,000 annually. These roles require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills in overseeing enterprise-wide risk strategies.

What is the role of a third party Risk Manager?

A third party Risk Manager is responsible for identifying, assessing, and mitigating risks associated with an organization’s external vendors and partners. They develop risk management strategies, conduct due diligence, and monitor third-party compliance to protect the organization from potential threats and ensure contractual obligations are met. Strong analytical skills and knowledge of risk assessment tools are essential in this role.

What is 3rd party risk management?

Third party risk management is the process of identifying, assessing, and mitigating risks associated with external vendors, suppliers, or partners that an organization relies on. It involves evaluating third parties' security, compliance, and operational practices to protect the organization from potential threats and disruptions. Professionals in this field often use risk assessment tools and frameworks to ensure third-party relationships do not compromise organizational integrity.

What are some common challenges faced in a Third Party Risk Management role, and how are they addressed?

One of the primary challenges in Third Party Risk Management is keeping up with evolving regulatory requirements and the diverse risk profiles of different vendors. Professionals in this role often encounter situations where they must coordinate risk assessments across multiple departments and ensure timely responses from both internal teams and external partners. To address these challenges, strong project management skills, proactive communication, and the use of dedicated risk management tools are essential. Many organizations also emphasize ongoing training and cross-functional collaboration to stay ahead of emerging risks and regulatory changes.

What are the key skills and qualifications needed to thrive in the Third Party Risk Management position, and why are they important?

To thrive in Third Party Risk Management, you need a strong understanding of risk assessment, compliance regulations, vendor management, and data analysis, typically supported by a bachelor's degree in business, finance, or a related field. Familiarity with risk assessment tools, third-party risk management platforms (such as Archer or ProcessUnity), and certifications like Certified Third Party Risk Professional (CTPRP) are common in this field. Exceptional communication, negotiation, and analytical-thinking skills are crucial soft skills for engaging vendors and stakeholders effectively. These abilities ensure comprehensive risk mitigation and help organizations maintain compliance and security while building strong external partnerships.

Is TPRM a good career?

Third Party Risk Management (TPRM) is a growing field focused on assessing and mitigating risks from external vendors and partners. It requires skills in compliance, cybersecurity, and risk assessment, often involving certifications like CTPRP or CRISC. The role offers opportunities in various industries and can lead to advancement in risk and compliance management careers.
Infographic showing various Third Party Risk Management job openings in Raleigh, NC as of June 2026, with employment types broken down into 100% Full Time. Highlights a 50% In-person and 50% Hybrid job distribution, with an average salary of $98,623 per year, or $47.4 per hour.
Sr. Manager, Information Security

Advance Auto Parts, Inc.

Raleigh, NC • On-site

Full-time

Posted 7 days ago


Job description

Role Summary
The Cybersecurity Compliance Manager is responsible for designing, operating, and continuously improving the company's cybersecurity compliance program within a large-scale retail environment. This role leads the day-to-day execution of compliance activities using the OneTrust GRC platform, with a strong focus on automation, controls monitoring, and audit-ready evidence generation.
The role ensures enterprise alignment with NIST Cybersecurity Framework (CSF) and regulatory requirements including PCI DSS, HIPAA, and U.S. state privacy regulations (CCPA/CPRA).
This role is hybrid and based in our corporate headquarters in Raleigh, NC.
Key Responsibilities
Cybersecurity Compliance Program Execution
  • Operate and mature the enterprise cybersecurity compliance program aligned to NIST CSF and applicable regulatory frameworks (PCI DSS, HIPAA, CCPA/CPRA).
  • Translate regulatory and framework requirements into clear, monitored internal controls mapped to business systems and processes.
  • Serve as a subject matter expert for cybersecurity control compliance across IT, cloud, retail, e-commerce, and corporate environments.
  • Lead day-to-day use of the OneTrust GRC compliance modules, including:
    • Control libraries and framework mappings
    • Automated evidence collection and surveys
    • Workflow-driven control testing and remediation tracking
    • Compliance reporting and dashboards
  • Implement and enhance automation to reduce manual effort and eliminate point-in-time compliance gaps.
  • Partner with IT, Audit and Security teams to integrate OneTrust with upstream systems where feasible (e.g., vulnerability management, asset inventories).

Controls Monitoring & Assurance
  • Establish and operate a continuous controls monitoring (CCM) model in dynamic retail and cloud environments.
  • Monitor control performance, SLA adherence, and exception trends across in-scope systems (e.g., PCI environments, customer data platforms).
  • Track control effectiveness metrics and produce regular compliance reporting for leadership.
  • Coordinate and support internal and external audits and assessments, including:
    • PCI DSS attestations
    • HIPAA risk and compliance reviews
    • Privacy regulatory inquiries and assessments
  • Maintain audit-ready evidence within OneTrust and drive timely remediation of findings.
  • Partner with IT, Internal Audit, Legal, and Privacy to ensure consistent interpretation and execution of control requirements.
  • Work closely with system owners, IT leaders, cybersecurity team, and business partners to ensure controls are properly implemented and operated.
  • Assign control ownership, track accountability, and facilitate risk acceptance where appropriate.
  • Provide guidance and training to control owners on compliance expectations, evidence requirements, and remediation processes.

Required Qualifications
  • 6+ years of experience in cybersecurity compliance, GRC, or IT risk management, preferably in a retail or consumer-facing enterprise.
  • Strong working knowledge of:
    • NIST Cybersecurity Framework (CSF)
    • PCI DSS
    • HIPAA Security Rule
    • CCPA/CPRA and U.S. privacy obligations
  • Experience supporting audits and regulatory assessments in complex, distributed environments.

Preferred Qualifications
  • Hands-on experience with OneTrust GRC (or comparable GRC platforms) including compliance automation and evidence workflows.
  • Experience implementing continuous controls monitoring (CCM) or security metrics programs.
  • Retail industry experience supporting point-of-sale (POS), e-commerce, or cardholder data environments (CDE).
  • Familiarity with third-party risk and vendor compliance monitoring.
  • Relevant certifications (preferred, not required):
    • CISA, CISSP, CRISC, PCI ISA, or similar.

Key Competencies
  • Strong analytical and risk-based thinking
  • Ability to translate regulatory language into practical, business-aligned controls
  • Excellent stakeholder communication and influence skills
  • Detail-oriented with a strong audit and evidence mindset
  • Comfortable operating in fast-moving, matrixed retail organizations
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran and basis of disability or any other federal, state or local protected class. We comply with all applicable federal, state, and local laws.
California Residents click below for Privacy Notice:
https://jobs.advanceautoparts.com/us/en/disclosures

About Advance Auto Parts

Sourced by ZipRecruiter

At Advance Auto Parts we have a passion for YES. Each day we are motivated by a passion to help our Customers. We have a commitment to advance the lives of our fellow Team Members, Customers, and the Communities where we live and work.

Industry

Motor vehicle and motor vehicle parts wholesalers, retail, Internet and IT, and elementary and secondary schools

Company size

10,000+ Employees

Headquarters location

Raleigh, NC, US