1

Third Party Risk Manager Jobs in Boston, MA (NOW HIRING)

Additionally, you will support the adoption of risk management practices across the ETX organization. As a key member of the ETX Third-Party Technology Assurance team, you will help drive change and ...

New

You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail ...

New

You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail ...

New

You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail ...

New

You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail ...

New

next page

Showing results 1-20

Third Party Risk Manager information

See Boston, MA salary details

$56K

$121.2K

$184.7K

How much do third party risk manager jobs pay per year?

As of Jul 14, 2026, the average yearly pay for third party risk manager in Boston, MA is $121,195.00, according to ZipRecruiter salary data. Most workers in this role earn between $97,800.00 and $140,100.00 per year, depending on experience, location, and employer.

What is the difference between Third Party Risk Manager vs Vendor Risk Analyst?

AspectThird Party Risk ManagerVendor Risk Analyst
CredentialsCertifications like CRISC, CTPRP often preferredCertifications such as CRISC, CTPRP common
Work EnvironmentOversees multiple vendors and third-party relationships at strategic levelFocuses on assessing specific vendor risks and compliance
Employer & Industry UsageUsed in finance, healthcare, and large corporations managing third-party risksCommon in IT, finance, and procurement departments
Search & Comparison IntentOften compared for broader risk management rolesCompared for detailed vendor risk assessments

The Third Party Risk Manager oversees the overall risk associated with third-party vendors, focusing on strategic risk mitigation. The Vendor Risk Analyst concentrates on evaluating individual vendors' risks and compliance. While both roles require similar certifications and work in related environments, the Risk Manager has a broader scope, whereas the Analyst specializes in detailed assessments.

What are the key skills and qualifications needed to thrive as a Third Party Risk Manager, and why are they important?

To thrive as a Third Party Risk Manager, you need a strong background in risk assessment, vendor management, and regulatory compliance, often supported by a degree in business, finance, or a related field. Familiarity with risk management frameworks, tools like GRC (Governance, Risk, and Compliance) platforms, and relevant certifications such as CTPRP (Certified Third Party Risk Professional) are highly beneficial. Excellent communication, analytical thinking, and stakeholder management skills set top performers apart in this role. These competencies are crucial for effectively identifying, mitigating, and communicating third-party risks to protect organizational assets and ensure regulatory compliance.

What is a Third Party Risk Manager?

A Third Party Risk Manager is a professional responsible for identifying, assessing, and mitigating risks associated with an organization's external vendors, suppliers, or partners. Their main job is to ensure that third-party relationships do not expose the company to undue financial, operational, regulatory, or reputational risk. This includes evaluating vendor security practices, monitoring compliance with contracts and regulations, and developing risk management policies. Third Party Risk Managers often collaborate with legal, procurement, and IT teams to safeguard the organization's interests. Their work is crucial in today's interconnected business environment, where companies increasingly rely on third-party services and products.

How does a Third Party Risk Manager typically collaborate with other departments to manage vendor risks?

A Third Party Risk Manager works closely with teams such as procurement, legal, IT security, and compliance to assess and monitor the risks associated with external vendors. They coordinate with these departments to perform due diligence, review contracts, and establish ongoing monitoring processes. Regular cross-functional meetings and clear communication channels are essential, as the role often requires aligning risk management strategies with organizational objectives and ensuring that vendor-related risks are identified and mitigated promptly.
What are popular job titles related to Third Party Risk Manager jobs in Boston, MA? For Third Party Risk Manager jobs in Boston, MA, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Manager jobs in Boston, MA look for? The top searched job categories for Third Party Risk Manager jobs in Boston, MA are:
What cities near Boston, MA are hiring for Third Party Risk Manager jobs? Cities near Boston, MA with the most Third Party Risk Manager job openings:
Infographic showing various Third Party Risk Manager job openings in Boston, MA as of July 2026, with employment types broken down into 67% Full Time, and 33% Temporary. Highlights an 100% In-person job distribution, with an average salary of $121,195 per year, or $58.3 per hour.
Third-Party Risk Consultant

Third-Party Risk Consultant

MassMutual

Boston, MA

$86K - $113K/yr

Full-time

Posted 3 days ago

New


Job description

Third-Party Risk Consultant, ETX Governance, Risk & Compliance Team

Full-Time, Springfield/Boston

The Opportunity

As a Third-Party Risk Consultant, you will play a crucial role in implementing the third-party risk framework. This position is responsible for executing third-party risk assessments and due diligence activities across the MassMutual’s third-party ecosystem. Additionally, you will support the adoption of risk management practices across the ETX organization. As a key member of the ETX Third-Party Technology Assurance team, you will help drive change and enhance operational efficiency throughout the organization.

The Team

The ETX Governance, Risk & Compliance Team is comprised of governance and risk professionals responsible for implementing governance processes and risk management practices for the ETX (Information Technology) organization. We work closely with our business and technology partners and succeed together by designing practical and effective technology governance and risk management solutions to increase operational efficiency.

The Impact

  • Analyze third-party services, data flows, and system integrations to identify and recommend inherent and residual risk exposure.
  • Collaborate with issue management teams to ensure identified risks, including vulnerabilities, are appropriately tracked, communicated, and remediated
  • Contribute to status reporting and metrics tracking for ongoing third-party risk activities
  • Evaluate, document, communicate, and support breach event and incident response activities
  • Execute risk evaluation procedures by reviewing evidence, documenting observations, and recording results in accordance with defined templates and quality standards
  • Identify control gaps, weaknesses, or non-compliance issues and clearly document and recommend findings for further review and disposition
  • Partner with senior practitioners to support risk rating determinations and escalation decisions
  • Apply knowledge and discretion when performing risk assessments to ensure third parties meet security and technology standards in alignment with established practices and procedures
  • Proactively escalate delays, gaps in information, or emerging risks to the team lead
  • Research and consult with internal subject matter experts to understand and document risk identified through risk assessments and due diligence practices, and communicate the findings to stakeholders

The Minimum Qualifications

  • 2+ years of experience in risk management and/or completing third-party risk assessments
  • 2+ years of experience implementing metrics to track status, identify trends, and surface potential issues
  • 2+ years of experience working in an enterprise GRC platform, including proficient use of Excel import/export functions

The Ideal Qualifications

  • Bachelor’s degree, preferably in technology, cybersecurity, risk management, or business-related field
  • 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit, or testing controls
  • Proficiency with SharePoint and related tools used to execute an effective regulatory compliance program
  • Experience communicating regulatory requirements to technical and non-technical audiences, and facilitating discussions between ETX owners, Compliance, and Law to ensure a shared understanding and effective compliance
  • Foundational understanding of third-party risk domains, including:
    • Cybersecurity and data protection
    • Cloud/SaaS risk considerations
    • Identity and access management (e.g., SSO vs. standalone access)
    • Business continuity and resiliency
  • Familiarity with industry frameworks such as NIST, ISO 27001, SOC 2, or similar
  • Ability to interpret control evidence and assess adequacy relative to risk
  • Strong written and verbal communication skills, with the ability to interact effectively with internal stakeholders and third parties
  • Demonstrated ability to execute with limited guidance while meeting deadlines in a structured, process-driven environment
  • Strong attention to detail and documentation discipline

What You Can Expect at MassMutual

MassMutual offers the opportunity to do meaningful work within a purpose-driven organization that values long-term impact over short-term outcomes. In this role, you can expect:

  • Clear areas of ownership and accountability, with work that connects directly to company and customer outcomes 
  • A collaborative environment where perspectives are welcomed  
  • Access to learning, development, and internal networks that support continuous growth and skill-building over time 
  • Employee-led communities and forums that foster connection, learning, and inclusion across the organization 
  • A culture grounded in integrity, responsibility, and stewardship—supported by a company with a strong legacy and a future-focused mindset

#LI-RK1

MassMutual is an equal employment opportunity employer. We welcome all persons to apply.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
California residents: For detailed information about your rights under the California Consumer Privacy Act (CCPA), please visit our California Consumer Privacy Act Disclosures page.