ZipRecruiter

Log In

1

Third Party Risk Manager Jobs in Raleigh, NC (NOW HIRING)

NC SECU

IT GRC Analyst II

Raleigh, NC · On-site

Third party risk management * Working knowledge of various industry security standards and frameworks including: NIST, ISO 27001, ISF Standard of Good Practice (SoGP), etc. Desired Knowledge ...

Infojini Inc

Project Manager

Raleigh, NC · On-site

... project risk management, including failure mode effect analysis • Experience implementing solutions utilizing third party vendors and third party products • IT Project Management experience ...

Infojini Inc

Project Manager

Raleigh, NC

Experience with project risk management, including failure mode effect analysis Experience implementing solutions utilizing third party vendors and third party products IT Project Management ...

Infojini Inc

Sr. Project Manager

Raleigh, NC · On-site

Experience with project risk management, including failure mode effect analysis and planning Experience implementing solutions utilizing third party vendors and third party products. Project ...

First Citizens Bank

Business Analyst II

Raleigh, NC · On-site +1

$67K - $103K/yr

... Third Party Risk Management, documenting items in the Archer system of record, etc. Lastly, this role supports risk maturity in a growing organization, coordinating and supporting 2nd and 3rd Line ...

New

First Citizens Bank

Business Analyst II

Raleigh, NC · On-site

$67K - $103K/yr

... Third Party Risk Management, documenting items in the Archer system of record, etc. Lastly, this role supports risk maturity in a growing organization, coordinating and supporting 2nd and 3rd Line ...

First Citizens Bank

Business Analyst II

Raleigh, NC · On-site +1

$67K - $103K/yr

... Third Party Risk Management, documenting items in the Archer system of record, etc. Lastly, this role supports risk maturity in a growing organization, coordinating and supporting 2nd and 3rd Line ...

New

next page

Showing results 1-20

All JobsThird Party Risk Manager JobsThird Party Risk Manager Jobs in Raleigh, NC

Third Party Risk Manager information

See Raleigh, NC salary details

$50.1K

$108.4K

$165.2K

How much do third party risk manager jobs pay per year?

As of Jun 20, 2026, the average yearly pay for third party risk manager in Raleigh, NC is $108,435.00, according to ZipRecruiter salary data. Most workers in this role earn between $87,500.00 and $125,400.00 per year, depending on experience, location, and employer.

What is the difference between Third Party Risk Manager vs Vendor Risk Analyst?

AspectThird Party Risk ManagerVendor Risk Analyst
CredentialsCertifications like CRISC, CTPRP often preferredCertifications such as CRISC, CTPRP common
Work EnvironmentOversees multiple vendors and third-party relationships at strategic levelFocuses on assessing specific vendor risks and compliance
Employer & Industry UsageUsed in finance, healthcare, and large corporations managing third-party risksCommon in IT, finance, and procurement departments
Search & Comparison IntentOften compared for broader risk management rolesCompared for detailed vendor risk assessments

The Third Party Risk Manager oversees the overall risk associated with third-party vendors, focusing on strategic risk mitigation. The Vendor Risk Analyst concentrates on evaluating individual vendors' risks and compliance. While both roles require similar certifications and work in related environments, the Risk Manager has a broader scope, whereas the Analyst specializes in detailed assessments.

What are the key skills and qualifications needed to thrive as a Third Party Risk Manager, and why are they important?

To thrive as a Third Party Risk Manager, you need a strong background in risk assessment, vendor management, and regulatory compliance, often supported by a degree in business, finance, or a related field. Familiarity with risk management frameworks, tools like GRC (Governance, Risk, and Compliance) platforms, and relevant certifications such as CTPRP (Certified Third Party Risk Professional) are highly beneficial. Excellent communication, analytical thinking, and stakeholder management skills set top performers apart in this role. These competencies are crucial for effectively identifying, mitigating, and communicating third-party risks to protect organizational assets and ensure regulatory compliance.

What is a Third Party Risk Manager?

A Third Party Risk Manager is a professional responsible for identifying, assessing, and mitigating risks associated with an organization's external vendors, suppliers, or partners. Their main job is to ensure that third-party relationships do not expose the company to undue financial, operational, regulatory, or reputational risk. This includes evaluating vendor security practices, monitoring compliance with contracts and regulations, and developing risk management policies. Third Party Risk Managers often collaborate with legal, procurement, and IT teams to safeguard the organization's interests. Their work is crucial in today's interconnected business environment, where companies increasingly rely on third-party services and products.

How does a Third Party Risk Manager typically collaborate with other departments to manage vendor risks?

A Third Party Risk Manager works closely with teams such as procurement, legal, IT security, and compliance to assess and monitor the risks associated with external vendors. They coordinate with these departments to perform due diligence, review contracts, and establish ongoing monitoring processes. Regular cross-functional meetings and clear communication channels are essential, as the role often requires aligning risk management strategies with organizational objectives and ensuring that vendor-related risks are identified and mitigated promptly.
What are popular job titles related to Third Party Risk Manager jobs in Raleigh, NC? For Third Party Risk Manager jobs in Raleigh, NC, the most frequently searched job titles are:
What job categories do people searching Third Party Risk Manager jobs in Raleigh, NC look for? The top searched job categories for Third Party Risk Manager jobs in Raleigh, NC are:
What cities near Raleigh, NC are hiring for Third Party Risk Manager jobs? Cities near Raleigh, NC with the most Third Party Risk Manager job openings:
Third Party Risk Manager jobs near you
Infographic showing various Third Party Risk Manager job openings in Raleigh, NC as of June 2026, with employment types broken down into 93% Full Time, and 7% Contract. Highlights an 80% In-person, and 20% Remote job distribution, with an average salary of $108,435 per year, or $52.1 per hour.
Information Security Manager

Information Security Manager

Cypress Creek Renewables

Durham, NC • On-site

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 22 days ago

Job description

The Company
Cypress Creek Energy is powering a sustainable future, one project at a time. We develop, finance, own and operate utility-scale and distributed solar and storage projects across the country. Fostering a diverse group of innovative thinkers from all backgrounds, Cypress people are drawn to work in a purpose-driven organization. We hope you will join us.
Overview
Cypress Creek Energy is hiring an Information Security Manager to lead the company's security operations and compliance program. This is a hands-on individual contributor role designed for a senior technical security professional ready to take ownership of a complete program - with the opportunity to grow into a leader of a team as the function scales.
The successful candidate brings a balance of deep technical execution and program-level compliance maturity. You will own the day-to-day security tooling stack, lead the company's NIST-based compliance program, shape policy in emerging areas including artificial intelligence, and maintain an accurate view of every system in the environment. You will report directly to the Chief Technology Officer and partner closely with IT, Counsels, and business stakeholders across the company.
Responsibilities
Security Operations & Engineering
  • Endpoint security: Administer and tune Microsoft Defender across the endpoint estate, including policy configuration, alert triage, response, and reporting.
  • Network and access security: Manage the Zscaler platform (ZIA/ZPA), including policy development, traffic inspection, access controls, and integration with identity systems.
  • SIEM operations: Own SIEM tuning, detection engineering, log source onboarding, alerting, and incident workflows. Build dashboards and metrics that surface meaningful signals.
  • Vulnerability management: Run the vulnerability scanning program across AWS and Azure cloud environments and on-premises infrastructure. Prioritize, track, and verify remediation in partnership with IT and engineering teams.
  • Patch management: Maintain endpoint patching cadence and reporting, ensuring coverage, exception tracking, and SLA adherence.
  • Digital forensics & incident response: Lead investigations into security events, perform forensic analysis, document findings, and coordinate response with internal teams and external partners as needed.

Compliance & Governance
  • NIST-based program: Maintain and continuously improve the company's NIST Cybersecurity Framework-aligned security program, including controls mapping, evidence collection, and gap remediation.
  • Policy management: Own the security policy library - ensure policies and standards are current, reviewed on a defined cadence, approved through the right channels, and communicated to the business.
  • AI policy and guidance: Develop and maintain the company's AI usage policies, acceptable use guidance, and review process for new AI tools, in coordination with Counsels and IT.
  • System inventory: Build and maintain an authoritative inventory of systems, applications, data flows, and ownership. Keep it accurate as the environment evolves.
  • Audit and assessment support: Lead responses to internal and external audits, customer security reviews, and regulatory inquiries. Manage remediation of identified findings through closure.
  • Risk management: Identify, document, and track information security risks; propose mitigations and report on residual risk to leadership.

Leadership & Cross-Functional Partnership
  • Stakeholder engagement: Partner with IT, Counsels, HR, and business leaders on security matters, providing clear guidance that balances risk with business needs.
  • Operational Technology (OT): Act as a partner and advisor to the OT team coordinating security and compliance initiatives across the company. Manage intersection of IT and OT endpoints, systems, and networks.
  • Security awareness: Drive the security awareness program, including phishing simulations, training content, and ongoing communications.
  • Vendor and third-party risk: Assess and manage security risk associated with vendors, contractors, and third-party service providers.
  • Future team leadership: Lay the groundwork to scale the function. As the program matures, hire, mentor, and lead a team of security professionals.

Education & Experience Required
  • Use of AI to enhance and scale security operations - establish AI first Security Ops
  • Bachelor's degree in computer science, information systems, cybersecurity, or related field - or equivalent professional experience.
  • 5+ years of progressive experience in information security, with demonstrated depth in security operations, engineering, or a combination of both.
  • Hands-on administration and tuning experience with Microsoft Defender (Endpoint, Identity, Cloud).
  • Production experience operating Zscaler (ZIA and/or ZPA), including policy management and troubleshooting.
  • Strong SIEM experience - building detections, tuning alerts, investigating incidents, and onboarding log sources.
  • Vulnerability management experience across cloud environments, specifically AWS and Azure.
  • Working knowledge of digital forensics and incident response methodology.
  • Demonstrated experience operating a security program aligned to the NIST Cybersecurity Framework or NIST 800-53.
  • Track record of writing, maintaining, and operationalizing security policies and standards.
  • Clear written and verbal communication, including the ability to explain technical risk to non-technical audiences.
  • Ability to work from the Durham, NC or Washington, DC office three days per week.
  • Embrace and live by the mission and values of Cypress Creek Energy

Preferred Qualifications
  • Industry certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GCIA), or equivalent.
  • Experience operating in the energy, utility, or critical infrastructure sector.
  • Familiarity with NERC CIP or other regulatory frameworks relevant to the power sector.
  • Experience scripting or automating security workflows (Python, PowerShell, KQL).
  • Prior experience as a senior technical lead preparing to step into a manager role.

Location: The preferred location for this role is for our offices in Durham, NC and Washington, DC. Our team operates on a hybrid schedule, with in-office schedule of three days per week.
Compensation: The salary range for the position is $140,000 - $170,000 plus bonus and benefits. Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location.
Benefits:
  • 15 days of Paid Time Off, accrual up to 20 days, 11 observed holidays.
  • 401(k) Match
  • Comprehensive package including medical, dental, vision and health insurance
  • Wellness stipend, family planning stipend, and generous parental leave
  • Tuition Reimbursement
  • Phone Bill Reimbursement
  • Company Swag

A note to Recruiting Agencies Cypress Creek Energy Human Resources team does not accept unsolicited resumes from third party recruiters, staffing firms, or related agencies. The Human Resources team coordinates all recruiting and hiring at our company. We do not accept resumes from third-party recruiters unless authorized by the Human Resources team and if a signed agreement is in place. Any unsolicited resumes will be considered property of CCE and we are not responsible for any related fees. All communication related to recruiting partnerships should ONLY be directed to the Human Resources team.
Cypress Creek Energy is an equal opportunity employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. We are committed to providing a workplace that is inclusive and values diversity, and we encourage candidates from all backgrounds to apply.
Please be aware of recruiting scams-official communications will only come from @ccrenew.com, we will never request personal or financial information, and any suspicious activity should be reported to HR@ccrenew.com.

Apply