1

Third Party Risk Manager Jobs in Connecticut (NOW HIRING)

The Vendor Risk Manager owns the end-to-end third-party risk lifecycle, onboarding, diligence, monitoring, and exit across a high-volume, diverse vendor portfolio. You will synthesize risk across ...

The Vendor Risk Manager owns the end-to-end third-party risk lifecycle, onboarding, diligence, monitoring, and exit across a high-volume, diverse vendor portfolio. You will synthesize risk across ...

The Vendor Risk Manager owns the end-to-end third-party risk lifecycle, onboarding, diligence, monitoring, and exit across a high-volume, diverse vendor portfolio. You will synthesize risk across ...

The Vendor Risk Manager owns the end-to-end third-party risk lifecycle, onboarding, diligence, monitoring, and exit across a high-volume, diverse vendor portfolio. You will synthesize risk across ...

next page

Showing results 1-20

Third Party Risk Manager information

See Connecticut salary details

$49K

$106.1K

$161.7K

How much do third party risk manager jobs pay per year?

As of Jul 15, 2026, the average yearly pay for third party risk manager in Connecticut is $106,122.00, according to ZipRecruiter salary data. Most workers in this role earn between $85,600.00 and $122,700.00 per year, depending on experience, location, and employer.

What is the difference between Third Party Risk Manager vs Vendor Risk Analyst?

AspectThird Party Risk ManagerVendor Risk Analyst
CredentialsCertifications like CRISC, CTPRP often preferredCertifications such as CRISC, CTPRP common
Work EnvironmentOversees multiple vendors and third-party relationships at strategic levelFocuses on assessing specific vendor risks and compliance
Employer & Industry UsageUsed in finance, healthcare, and large corporations managing third-party risksCommon in IT, finance, and procurement departments
Search & Comparison IntentOften compared for broader risk management rolesCompared for detailed vendor risk assessments

The Third Party Risk Manager oversees the overall risk associated with third-party vendors, focusing on strategic risk mitigation. The Vendor Risk Analyst concentrates on evaluating individual vendors' risks and compliance. While both roles require similar certifications and work in related environments, the Risk Manager has a broader scope, whereas the Analyst specializes in detailed assessments.

What are the key skills and qualifications needed to thrive as a Third Party Risk Manager, and why are they important?

To thrive as a Third Party Risk Manager, you need a strong background in risk assessment, vendor management, and regulatory compliance, often supported by a degree in business, finance, or a related field. Familiarity with risk management frameworks, tools like GRC (Governance, Risk, and Compliance) platforms, and relevant certifications such as CTPRP (Certified Third Party Risk Professional) are highly beneficial. Excellent communication, analytical thinking, and stakeholder management skills set top performers apart in this role. These competencies are crucial for effectively identifying, mitigating, and communicating third-party risks to protect organizational assets and ensure regulatory compliance.

What is a Third Party Risk Manager?

A Third Party Risk Manager is a professional responsible for identifying, assessing, and mitigating risks associated with an organization's external vendors, suppliers, or partners. Their main job is to ensure that third-party relationships do not expose the company to undue financial, operational, regulatory, or reputational risk. This includes evaluating vendor security practices, monitoring compliance with contracts and regulations, and developing risk management policies. Third Party Risk Managers often collaborate with legal, procurement, and IT teams to safeguard the organization's interests. Their work is crucial in today's interconnected business environment, where companies increasingly rely on third-party services and products.

How does a Third Party Risk Manager typically collaborate with other departments to manage vendor risks?

A Third Party Risk Manager works closely with teams such as procurement, legal, IT security, and compliance to assess and monitor the risks associated with external vendors. They coordinate with these departments to perform due diligence, review contracts, and establish ongoing monitoring processes. Regular cross-functional meetings and clear communication channels are essential, as the role often requires aligning risk management strategies with organizational objectives and ensuring that vendor-related risks are identified and mitigated promptly.
What are popular job titles related to Third Party Risk Manager jobs in Connecticut? For Third Party Risk Manager jobs in Connecticut, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Manager jobs in Connecticut look for? The top searched job categories for Third Party Risk Manager jobs in Connecticut are:
What cities in Connecticut are hiring for Third Party Risk Manager jobs? Cities in Connecticut with the most Third Party Risk Manager job openings:
Infographic showing various Third Party Risk Manager job openings in Connecticut as of July 2026, with employment types broken down into 83% Full Time, 15% Part Time, 1% Temporary, and 1% Contract. Highlights an 85% Physical, 1% Hybrid, and 14% Remote job distribution, with an average salary of $106,122 per year, or $51 per hour.

Vendor Risk Manager

Dalio Family Office

Westport, CT โ€ข Hybrid

Other

Dental, Vision, Life, Retirement, PTO

Posted 13 days ago


Job description

Vendor Risk Managerย 

Dalio Family Officeย 

Dalio Family Office Overview:ย ย 

The Dalio Family Office (DFO) supports Barbara and Ray Dalio and their family in their ventures, investments, and philanthropic efforts under Dalio Philanthropies, which includes OceanX, Dalio Education, Endless Network, and the Beijing Dalio Foundation. The core of the DFO's culture is built around meaningful work and meaningful relationships and the family's commitment to giving back. The office is headquartered in Westport, CT with regional offices in New York City, Singapore, and Abu Dhabi.ย 

Position Summary:ย ย 

The Vendor Risk Manager owns the end-to-end third-party risk lifecycle, onboarding, diligence, monitoring, and exit across a high-volume, diverse vendor portfolio. You will synthesize risk across cybersecurity, AI, privacy, financial, and AML/CFT/sanctions domains into clear, actionable risk positions, performing structured threat modeling for high-exposure vendors. ย 

Day-to-day responsibilities would include a combination of the following:ย 

  • Own the VRM program end-to-end: strategy, policy, procedure, workflow, tooling, metrics, and executive reporting for CISO/CRO/board visibility.
  • Lead holistic vendor risk assessments across cybersecurity, AI risk, privacy, financial, AML/CFT/sanctions.
  • Document residual risk acceptances with named accountable executives and time-boxed review dates; coordinate with IT, Legal, Finance, and Compliance as appropriate.ย 
  • Evaluate and monitor vendor security controls based on data sensitivity and business criticality, leveraging industry frameworks and evidence such as SOC 2, ISO 27001, penetration testing, and security assessments.ย 
  • Conduct structured threat models (STRIDE, PASTA) for high risk vendors, and document findings as durable artifacts informing contracting, monitoring, and exit planning.ย 
  • Translate threat model outputs into concrete, testable control requirements drawing from OWASP (ASVS, API Security Top 10, LLM/Agentic Top 10), NIST (SP 800-53, SP 800-161, CSF 2.0, SP 800-207), and MITRE ATT&CK; scale requirements to vendor tier.ย 
  • Partner with Legal to translate identified risks into enforceable contractual requirements.
  • Apply FAIR or comparable quantitative methods for high-impact vendor decisions, expressing cyber risk in loss-exposure terms that resonate with senior leadership.ย 
  • Advise IT, Engineering and business teams on vendor integration architecture (SSO/SCIM, OAuth, conditional access, DLP, segmentation, BYOK, VPC peering) and maintain approved reference patterns.
  • Drive automation and tooling maturity to handle high vendor volume without proportional headcount growth; produce program dashboards tracking throughput, cycle time, recertification compliance, and remediation aging.ย 

The ideal candidate will possess the following knowledge, skills, attributes, and values:ย 

  • Expert knowledge of third-party/vendor risk management ย 
  • Strong risk assessment and analytical skills ย 
  • Technical understanding of enterprise security architecture ย 
  • Excellent communication and stakeholder management skills ย 
  • Proven ability to lead and optimize vendor risk programs ย 

Illustrative Benefits:ย ย ย ย ย 

  • 100% company paid medical premiums ย 
  • 17 company paid holidays ย 
  • Friday summer hours ย 
  • ย Monthly community happy hoursย ย 
  • Hybrid work environment ย 
  • ย Free catered food services for in-office daysย ย 
  • Generous PTO offeringย  ย 
  • Casual dress code ย 
  • 150% 401(k) match up to $7,500 and 100% match above $7,500 ($15k match limit) ย 
  • Gym reimbursement, back up childcare services, insurance, financial, and legal services, and much more! ย 

Qualifications:ย 

  • Bachelor's degree in Information Security, Risk Management, Computer Science, Cybersecurity, or a related discipline.ย 
  • At least 7 years of progressive experience across vendor risk management, cybersecurity architecture, security engineering, GRC, audit, or related fields. ย 
  • Experience managing the full third-party/vendor risk lifecycle, including vendor onboarding, due diligence, risk assessments, continuous monitoring, recertification, remediation tracking, and vendor exit planning, with at least 2 years owning an end-to-end TPRM program. ย 
  • Strong technical knowledge of cybersecurity frameworks, standards, and methodologies including NIST, ISO 27001/27002, OWASP, MITRE ATT&CK, Shared Assessments, threat modeling approaches (STRIDE/PASTA), and risk management practices. ย 
  • Hands-on experience evaluating enterprise security controls, cloud and integration architectures, SOC 2 Type II reports, ISO certifications, penetration testing results, data protection requirements, and third-party security risks across complex technology environments. ย 
  • Ability to communicate complex technical and risk concepts to executive stakeholders, collaborate effectively across business functions
  • 10% travel as required based on business needs.ย 

Compensation:ย 

Compensation for the role includes a competitive salary in the range from $175,000 -$260,000 (inclusive of a merit-based bonus, dependent on years of experience, level of education obtained, as well as applicable skillset) and an excellent benefits package, including paid time off ranging from 15 to 25 days based on years of service, paid sick and safe leave, dental, vision, life and disability insurance, paid parental time off, birth mother recovery pay, sick family member pay, parental ramp back up program, gym reimbursement and generous employer match for 401k.ย 

Please note we are unable to provide immigration sponsorship for this position.ย 

At the DFO, we believe our biggest asset is our people. We are proud to be an equal opportunity employer, hiring and developing individuals from diverse backgrounds and experiences to add to our collaborative culture. The DFO treats all candidates and employees with respect and does not discriminate in our recruiting, hiring, and promoting processes and general treatment during employment, including on the basis of actual or perceived race, creed, color, religion, sex, age, sexual orientation, gender identity and/or expression, alienage or national origin, ancestry, citizenship status, marital status, veteran status, or disability.ย