Establishing and leading the third-party risk management program, including vendor tiering and assessments * Coordinating regulatory and audit engagements (internal and external) * Partnering across ...
Establishing and leading the third-party risk management program, including vendor tiering and assessments * Coordinating regulatory and audit engagements (internal and external) * Partnering across ...
Senior Manager GRC
Louisville, KY · On-site
Establishing and leading the third-party risk management program, including vendor tiering and assessments * Coordinating regulatory and audit engagements (internal and external) * Partnering across ...
Senior Manager GRC
Louisville, KY · On-site
Establishing and leading the third-party risk management program, including vendor tiering and assessments * Coordinating regulatory and audit engagements (internal and external) * Partnering across ...
Own the third-party risk framework and partner across Procurement, Finance, Legal, Cyber, Risk, and Technology to strengthen vendor governance, manage risk, and inform long-term investment decisions.
Own the third-party risk framework and partner across Procurement, Finance, Legal, Cyber, Risk, and Technology to strengthen vendor governance, manage risk, and inform long-term investment decisions.
... Third-Party Risk Management, and ServiceNow AI Control Tower use cases * Contributing to functional design and configuration of ServiceNow solutions, including forms, workflows, notifications ...
... Third-Party Risk Management, and ServiceNow AI Control Tower use cases * Contributing to functional design and configuration of ServiceNow solutions, including forms, workflows, notifications ...
... Third-Party Risk Management, and ServiceNow AI Control Tower use cases * Supporting functional design and configuration of ServiceNow solutions, including forms, workflows, notifications, service ...
... Third-Party Risk Management, and ServiceNow AI Control Tower use cases * Supporting functional design and configuration of ServiceNow solutions, including forms, workflows, notifications, service ...
Manager - ServiceNow
Louisville, KY · On-site +1
... Third-Party Risk Management workstreams in partnership with architects and product owners * Managing stakeholder engagement and executive communications; facilitating decisions, change control, and ...
Manager - ServiceNow
Louisville, KY · On-site +1
... Third-Party Risk Management workstreams in partnership with architects and product owners * Managing stakeholder engagement and executive communications; facilitating decisions, change control, and ...
IT Security and Governance Analyst
Louisville, KY · On-site
$43.25 - $57.50/hr
... k management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated. • Raise awareness within the organization of IT governance, risk and ...
IT Security and Governance Analyst
Louisville, KY · On-site
$43.25 - $57.50/hr
... k management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated. • Raise awareness within the organization of IT governance, risk and ...
Senior Project Manager -Third Party Applications Job Locations US-KY-LOUISVILLE ID 2026-182687 Line of Business BrightSpring Health Services Position Type Full-Time Our Company BrightSpring Health ...
Senior Project Manager -Third Party Applications Job Locations US-KY-LOUISVILLE ID 2026-182687 Line of Business BrightSpring Health Services Position Type Full-Time Our Company BrightSpring Health ...
Manage relationships with marketplace partners (Amazon, Walmart, eBay) and third-party vendors, including agencies and syndication partners * Lead evaluation and implementation of tools and ...
Quick apply
Manage relationships with marketplace partners (Amazon, Walmart, eBay) and third-party vendors, including agencies and syndication partners * Lead evaluation and implementation of tools and ...
$41.75 - $55.75/hr
Support our IT risk management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated. Raise awareness within the organization of IT governance, ...
$41.75 - $55.75/hr
Support our IT risk management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated. Raise awareness within the organization of IT governance, ...
BrightSpring Health Services The Senior Project Manager for Application Management is responsible for overseeing and coordinating projects and initiatives across PharMerica's third-party pharmacy and ...
BrightSpring Health Services The Senior Project Manager for Application Management is responsible for overseeing and coordinating projects and initiatives across PharMerica's third-party pharmacy and ...
IT Security and Governance Analyst
Louisville, KY · On-site
$43.25 - $57.75/hr
... k management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated. • Raise awareness within the organization of IT governance, risk and ...
IT Security and Governance Analyst
Louisville, KY · On-site
$43.25 - $57.75/hr
... k management program to ensure both internal and third-party IT risks are identified, assessed, prioritized and remediated. • Raise awareness within the organization of IT governance, risk and ...
Oversees software licensing across third-party pharmacy and document management systems, ensuring compliance, proper utilization, and renewal tracking. * Maintains accurate records of software ...
Oversees software licensing across third-party pharmacy and document management systems, ensuring compliance, proper utilization, and renewal tracking. * Maintains accurate records of software ...
Third Party Eligibility Account Representative
Pineville, KY · On-site
$12 - $14/hr
... revenue cycle management processes of coding, billing, and collections. MedData serves 5,000 ... Alegis Revenue Group currently has an opening for a Third Party Eligibility Account Representative ...
Third Party Eligibility Account Representative
Pineville, KY · On-site
$12 - $14/hr
... revenue cycle management processes of coding, billing, and collections. MedData serves 5,000 ... Alegis Revenue Group currently has an opening for a Third Party Eligibility Account Representative ...
... revenue cycle management processes of coding, billing, and collections. MedData serves 5,000 ... Alegis Revenue Group currently has an opening for a Third Party Eligibility Account Representative ...
... revenue cycle management processes of coding, billing, and collections. MedData serves 5,000 ... Alegis Revenue Group currently has an opening for a Third Party Eligibility Account Representative ...
Oversees software licensing across third-party pharmacy and document management systems, ensuring compliance, proper utilization, and renewal tracking. * Maintains accurate records of software ...
Oversees software licensing across third-party pharmacy and document management systems, ensuring compliance, proper utilization, and renewal tracking. * Maintains accurate records of software ...
Oversees software licensing across third-party pharmacy and document management systems, ensuring compliance, proper utilization, and renewal tracking. * Maintains accurate records of software ...
Quick apply
Oversees software licensing across third-party pharmacy and document management systems, ensuring compliance, proper utilization, and renewal tracking. * Maintains accurate records of software ...
Senior Project Manager -Third Party Applications
$120K - $125K/yr
Overview The Senior Project Manager for Application Management is responsible for overseeing and coordinating projects and initiatives across PharMerica's third-party pharmacy and document management ...
Quick apply
Senior Project Manager -Third Party Applications
$120K - $125K/yr
Overview The Senior Project Manager for Application Management is responsible for overseeing and coordinating projects and initiatives across PharMerica's third-party pharmacy and document management ...
Field Service Technician (Retail/3rd Party AMS) is responsible for the service and/or maintenance ... Ability to self-manage and work independently with little to no supervision. * High degree of ...
Field Service Technician (Retail/3rd Party AMS) is responsible for the service and/or maintenance ... Ability to self-manage and work independently with little to no supervision. * High degree of ...
Third-Party Risk Management (TPRM) * 10+ years of demonstrated deep technical expertise in ServiceNow, typically evidenced by advanced ServiceNow certifications (e.g., Certified Application Developer ...
Third-Party Risk Management (TPRM) * 10+ years of demonstrated deep technical expertise in ServiceNow, typically evidenced by advanced ServiceNow certifications (e.g., Certified Application Developer ...
Third Party Risk Manager information
See Kentucky salary details
$44.7K - $54.1K
4% of jobs
$54.1K - $63.4K
6% of jobs
$63.4K - $72.8K
11% of jobs
$76.3K is the 25th percentile. Wages below this are outliers.
$72.8K - $82.2K
11% of jobs
The median wage is $89.6K / yr.
$82.2K - $91.5K
23% of jobs
$91.5K - $100.9K
13% of jobs
$107K is the 75th percentile. Wages above this are outliers.
$100.9K - $110.2K
12% of jobs
$110.2K - $119.6K
8% of jobs
$119.6K - $128.9K
6% of jobs
$128.9K - $138.3K
4% of jobs
$138.3K - $147.6K
2% of jobs
$44.7K
$96.9K
$147.6K
How much do third party risk manager jobs pay per year?
What is the difference between Third Party Risk Manager vs Vendor Risk Analyst?
| Aspect | Third Party Risk Manager | Vendor Risk Analyst |
|---|---|---|
| Credentials | Certifications like CRISC, CTPRP often preferred | Certifications such as CRISC, CTPRP common |
| Work Environment | Oversees multiple vendors and third-party relationships at strategic level | Focuses on assessing specific vendor risks and compliance |
| Employer & Industry Usage | Used in finance, healthcare, and large corporations managing third-party risks | Common in IT, finance, and procurement departments |
| Search & Comparison Intent | Often compared for broader risk management roles | Compared for detailed vendor risk assessments |
The Third Party Risk Manager oversees the overall risk associated with third-party vendors, focusing on strategic risk mitigation. The Vendor Risk Analyst concentrates on evaluating individual vendors' risks and compliance. While both roles require similar certifications and work in related environments, the Risk Manager has a broader scope, whereas the Analyst specializes in detailed assessments.
What are the key skills and qualifications needed to thrive as a Third Party Risk Manager, and why are they important?
What is a Third Party Risk Manager?
How does a Third Party Risk Manager typically collaborate with other departments to manage vendor risks?

Papa John's rating
4.8
Based on 753 frontline employees who took The Breakroom Quiz
21st of 23 rated food delivery companies
Job description
What's Unique About You Is What Makes Us Better! Diversity is our strength and competitive advantage. Bring your flavor to the Papa John's team today!
Position Overview
Papa Johns is seeking a Senior Manager, Governance, Risk & Compliance to establish and operate the cybersecurity governance and risk control plane across the enterprise. This role is responsible for enabling risk-informed decision making, clear accountability, and consistent control governance across business, IT, cloud, and third-party environments. The ideal candidate will bring strong judgment, the ability to operate across organizational boundaries, and experience building and scaling GRC capabilities in complex environments.
Responsibilities
The primary responsibilities of this role include:
- Establishing and operating the enterprise cybersecurity risk management program, including risk identification, prioritization, and tracking
- Defining and enforcing risk acceptance, escalation, and accountability frameworks
- Developing executive and board-level risk reporting aligned to business impact
- Defining and governing cybersecurity policies, standards, and control frameworks aligned to industry standard frameworks
- Ensuring consistent control implementation and enforcement across IT, cloud, and business environments
- Leading exception management processes to ensure risk is explicitly understood and accepted at the right levels
- Establishing and leading the third-party risk management program, including vendor tiering and assessments
- Coordinating regulatory and audit engagements (internal and external)
- Partnering across Security, IT, Legal, Compliance, and Procurement (among others as relevant) to align risk and control expectations
- Establishing and governing the cybersecurity awareness and training program, ensuring it is aligned to enterprise risk and tailored user roles
- Overseeing control validation, testing, and assurance activities
- Ensuring governance of vulnerability management, logging, and detection capabilities
- Driving continuous improvement through risk insights, incident learnings, and control effectiveness reviews
- Managing and optimizing budget and resources to support governance, risk, and compliance capabilities
Qualifications
The successful candidate will possess the following:
- 6-10+ years of experience in cybersecurity risk management
- Proven leadership experience in building, scaling, and maturing teams and operating models
- Strong understanding of cybersecurity control frameworks
- Demonstrated ability to translate technical risk into business impact and action
- Experience building or maturing GRC programs in complex organizations
- Strong judgment in prioritization, tradeoff decisions, and stakeholder alignment
- Experience supporting or leading SOX ITGC and/or application control environments in a complex organization
- Experience establishing or evolving security awareness and behavior change programs
- Excellent communication skills and ability to influence across technical and business stakeholders
- Experience working with third-party risk, audit, and compliance functions
Day in the Life
This role is less about managing a checklist and more about orchestrating how the organization understands and acts on risk.
A typical day may include:
- Reviewing the enterprise risk register, identifying where risks are aging, stuck, or no longer aligned to business priorities
- Coaching and developing team members and leaders, ensuring clarity in priorities, accountability, and execution
- Meeting with Security and IT leaders to challenge and refine risk prioritization, ensuring the highest-impact issues are being addressed first
- Partnering with a business or product team to translate a technical control gap into business impact, helping them understand tradeoffs and required actions
- Working through a risk acceptance decision, ensuring the right level of leadership is engaged and the decision is documented and understood
- Aligning with Procurement and Legal on a high-risk third-party engagement, ensuring appropriate controls and risk mitigation strategies are in place
- Coordinating with vulnerability management, detection, or testing teams to ensure findings are being tracked, prioritized, and driven to resolution
- Preparing or refining executive-level reporting, focusing on what has improved, what remains at risk, and where decisions are needed
- Resolving cross-team friction where ownership, accountability, or priorities are unclear, bringing structure and clarity to move work forward
Work Environment
This is a leadership role operating across a complex, cross-functional environment. Success requires the ability to influence without authority, bring clarity to ambiguity, and align diverse stakeholders toward common risk outcomes.
Our Values
- EVERYONE BELONGS - We believe connectedness and belonging are the essential ingredients to our success.
- DO THE RIGHT THING -We are relentlessly focused on quality and integrity and make the right choices, even when it's difficult.
- PEOPLE FIRST - To craft positive experiences for our customers, we take care of each other first.
- INNOVATE TO WIN - We champion and challenge for a better way in all we do.
- HAVE FUN - We find joy, create meaningful impact and celebrate the journey together
Our Core Competencies
- EVERYONE BELONGS - We believe connectedness and belonging are the essential ingredients to our success.
- DO THE RIGHT THING -We are relentlessly focused on quality and integrity and make the right choices, even when it's difficult.
- PEOPLE FIRST - To craft positive experiences for our customers, we take care of each other first.
- INNOVATE TO WIN - We champion and challenge for a better way in all we do.
- HAVE FUN - We find joy, create meaningful impact and celebrate the journey together
Papa Johns is an equal opportunity employer.
Papa Johns is a federal contractor that participates in the E-Verify program to confirm employment eligibility for each new team member. We also comply with all Right to Work requirements. Official E-Verify and Right to Work notices are available for applicants to review in both English and Spanish.
Everybody loves pizza, which means they also love the people who are behind the scenes working to deliver it. This is complex and challenging work - but let's face it - it's also pizza! If you want a fulfilling career with a company that's always moving forward, we're the right place.
Papa John's is a Federal Contract employer who participates in E-Verify to confirm employment eligibility for each new team member. For more information please view the following PDFs:E-Verify Poster (English)-Right to Work Poster (English)-E-Verify Poster (Spanish)- Right to Work Poster (Spanish) Papa John's is an Affirmative Action and Equal Opportunity Employer. For more information please click on the followingPDF. Seeterms & conditionsfor site use.
What Papa John's employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Papa John's
Sourced by ZipRecruiter
Industry
Restaurants
Company size
10,000+ Employees
Headquarters location
Atlanta, GA, US