Lead and support third-party risk management activities including vendor due diligence, risk assessments, contract reviews, and ongoing monitoring. * Partner with procurement, legal, and business ...
VP, Third Party Risk Officer
Dallas, TX · On-site
The role will focus on Third Party Risk and resides within the Legal and Compliance's Operational ... The individual will play a critical strategic role in driving risk management oversight activities ...
Vendor Management, Third Party Risk Manager
Westlake, TX · On-site
$93K - $119K/yr
Corporate Vendor Management is responsible for the sourcing, onboarding, risk assessment ... Perform research and remediation of third-party data anomalies * Strong attention to detail with ...
The Third Party Risk Management (TPRM) team's mission is to support the firm's 'One Goldman Sachs' forward strategy by proactively identifying, managing, monitoring and reporting key third party ...
Third Party Risk Management (TPRM) Product Manager. About the Team: Third Party Risk Management (TPRM)'s mission is to reduce extended enterprise risk at Vanguard. We protect Vanguard through our ...
Purpose The Manager, Global 2nd Line Third Party Risk Management (TPRM) contributes to the overall success of the Global TPRM Program by conducting second line effective challenge and program ...
Third Party Cyber Risk Analyst (10844) A growing organization is seeking a Third-Party Cyber Risk ... This role will be responsible for assessing and managing cybersecurity risks associated with ...
Liaise with third-party vendors as required, maintaining strong professional relationships * Build ... Risk Manager (FRM) Designation; Project Management (PMP) * Appropriate knowledge of financial ...
Senior Risk Management Specialist
Austin, TX · On-site
$97K/yr
Evaluate, implement, and enhance enterprise and third-party risk management programs to align with organizational goals and standards. * Configure risk tools, integrate with existing systems, and ...
Strategic Sales Specialist - C3PR Risk Intelligence, LSEG
Allen, TX · On-site
$91K/yr
This role will focus on expanding relationships with large, complex organizations that require advanced solutions for sanctions screening, customer due diligence, and third-party risk management. The ...
Cybersecurity Manager
The Woodlands, TX · On-site
$160K/yr
This role oversees GRC, HIPAA compliance, third-party risk management, and security operations while partnering closely with IT, OT, and business stakeholders. Key Responsibilities * Lead ...
Support Third-Party Risk Management (TPRM) / Know Your Supplier (KYS) program strategy and operations, including risk tiering, due diligence, contractual risk controls, ongoing monitoring, issue ...
Senior Cybersecurity Risk Analyst - USA Remote
Dallas, TX · Remote
$130K - $160K/yr
Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake, inherent-risk tiering, security and privacy questionnaire administration, evidence collection and review ...
Design and manage a comprehensive supplier risk program, including ... Third-party risk assessments (financial, operational, geopolitical, cyber) * Continuous monitoring ...
Qualifications · Minimum 5 years of experience in IT and Third-Party Risk Management within an IT Security or GRC function. · Strong understanding of risk frameworks and regulatory requirements (e ...
Third Party Risk Manager information
Texas salary details

| Salary range (per year) | Share of jobs |
|---|---|
| $48K - $58K | 4% |
| $58K - $68.1K | 6% |
| $68.1K - $78.1K | 11% |
| $78.1K - $88.1K | 11% |
| $88.1K - $98.2K | 23% |
| $98.2K - $108.2K | 13% |
| $108.2K - $118.2K | 12% |
| $118.2K - $128.3K | 8% |
| $128.3K - $138.3K | 6% |
| $138.3K - $148.3K | 4% |
| $148.3K - $158.4K | 2% |

$81.9K is the 25th percentile. Wages below this are outliers.
The median wage is $96.1K / yr.
$114.8K is the 75th percentile. Wages above this are outliers.
How much do third party risk manager jobs pay per year?
What is the difference between Third Party Risk Manager vs Vendor Risk Analyst?
| Aspect | Third Party Risk Manager | Vendor Risk Analyst |
|---|---|---|
| Credentials | Certifications like CRISC, CTPRP often preferred | Certifications such as CRISC, CTPRP common |
| Work Environment | Oversees multiple vendors and third-party relationships at strategic level | Focuses on assessing specific vendor risks and compliance |
| Employer & Industry Usage | Used in finance, healthcare, and large corporations managing third-party risks | Common in IT, finance, and procurement departments |
| Search & Comparison Intent | Often compared for broader risk management roles | Compared for detailed vendor risk assessments |
The Third Party Risk Manager oversees the overall risk associated with third-party vendors, focusing on strategic risk mitigation. The Vendor Risk Analyst concentrates on evaluating individual vendors' risks and compliance. While both roles require similar certifications and work in related environments, the Risk Manager has a broader scope, whereas the Analyst specializes in detailed assessments.
What are the key skills and qualifications needed to thrive as a Third Party Risk Manager, and why are they important?
What is a Third Party Risk Manager?
How does a Third Party Risk Manager typically collaborate with other departments to manage vendor risks?

Job description
At Caris, we understand that cancer is an ugly word, a word no one wants to hear, but one that connects us all. That's why we're not just transforming cancer care; we're changing lives.
We introduced precision medicine to the world and built an industry around the idea that every patient deserves answers as unique as their DNA. Backed by cutting-edge molecular science and AI, we ask ourselves every day: "What would I do if this patient were my mom?" That question drives everything we do.
But our mission doesn't stop with cancer. We're pushing the frontiers of medicine and leading a revolution in healthcare, driven by innovation, compassion, and purpose.
Join us in our mission to improve the human condition across multiple diseases. If you're passionate about meaningful work and want to be part of something bigger than yourself, Caris is where your impact begins.
Position Summary
Working as part of the Information Security Team, the GRC Analyst - Enterprise & Third Party Risk will support and lead internal risk assessments, exception reviews, and third-party risk management activities. This role plays a critical part in identifying, assessing, and monitoring risks across internal systems and third-party vendors while ensuring that exceptions to policy are appropriately evaluated and documented. The ideal candidate will bring strong analytical capabilities and a proactive approach to governance, risk, and compliance.
Job Responsibilities
Conduct internal risk assessments across business units, systems, applications and processes to identify potential security, operational, and compliance risks.
Develop and maintain the internal risk register and facilitate periodic risk reviews with control owners and business stakeholders.
Develop dashboards, reports, and metrics to communicate risk status, trends, and program effectiveness to leadership.
Evaluate risk exception requests, perform risk-based analysis, and ensure appropriate documentation, approval, and tracking.
Lead and support third-party risk management activities including vendor due diligence, risk assessments, contract reviews, and ongoing monitoring.
Partner with procurement, legal, and business stakeholders to embed security and risk requirements into vendor lifecycle processes.
Assist in defining and maintaining IT and organizational policies, standards, and procedures related to security, risk, and compliance.
Support internal and external audits (e.g., HIPAA, SOX, GDPR) by collecting evidence and addressing audit findings and recommendations.
Collaborate with IT and business teams to assess the adequacy and effectiveness of internal controls and drive remediation efforts.
Conduct periodic gap assessments and ensure controls are maintained to support ongoing compliance.
Stay abreast of changes in regulatory requirements and industry best practices related to risk management, third-party governance, and cybersecurity.
Assist with the creation and delivery of security awareness training related to risk, vendor management, and compliance requirements.
Participate in the development and maintenance of business continuity, disaster recovery, and incident response processes from a risk perspective.
Required Qualifications
Bachelor's degree in Information Security, Risk Management, or a related field; or equivalent work experience.
Minimum of 4 years of experience in Information Security Risk Management, Third-Party Risk, or GRC functions.
Strong understanding of internal control assessments, exception management, and third-party/vendor risk practices.
Familiarity with legal and regulatory compliance standards such as HIPAA, SOX, GDPR, etc.
Knowledge of security and risk frameworks such as NIST Cybersecurity Framework, ISO 27001, and CIS Controls.
Excellent communication skills with the ability to collaborate effectively across technical and non-technical teams.
Ability to translate technical risks into business impacts for non-technical audiences.
Strong analytical and problem-solving abilities with experience interpreting risk data to drive decision-making.
Demonstrated ability to manage multiple assessments or projects simultaneously in a fast-paced environment.
Experience writing policies, standards, procedures, or risk documentation.
Working knowledge of data protection concepts such as data classification, encryption, access management, and secure data handling.
Proficiency in Microsoft Excel, PowerPoint, and other data/reporting tools commonly used to support risk analysis and presentations.
Ability to work independently with minimal supervision while maintaining a high attention to detail.
Preferred Qualifications
Industry certifications such as CISA, CRISC, CISSP are highly desirable.
Experience using GRC or IRM platforms (e.g., Compyl, AuditBoard, RSA Archer, LogicGate, or similar).
Experience with SOC 2, PCI-DSS, HITRUST, or other security compliance frameworks.
Experience in healthcare or life sciences industry is a plus.
Background supporting cloud security or assessing cloud service providers (AWS, Azure, GCP).
Experience conducting business impact analyses (BIA) or participating in business continuity/disaster recovery planning.
Prior involvement in incident response processes or evaluating post-incident risk implications.
Strong understanding of contract language related to security, privacy, liability, and service-level obligations.
Familiarity with quantitative risk analysis methodologies (e.g., FAIR).
Experience working in organizations undergoing rapid growth, security transformation, or compliance maturity improvements.
Physical Demands
Must possess the ability to sit and/or stand for long periods of time.
May be required to lift routine office supplies and use standard office equipment.
Other
This position may require periodic travel and availability during evenings, weekends, or holidays depending on business needs.
Conditions of Employment: Individual must successfully complete the pre-employment process, which includes a criminal background check, drug screening, credit check (applicable for certain positions), and reference verification.
This job description reflects management's assignment of essential functions. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
Caris Life Sciences is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability.