You will own the design and evolution of the firm's third-party risk lifecycle, including risk identification, onboarding due diligence, risk tiering, ongoing monitoring, issue management, and ...
You will own the design and evolution of the firm's third-party risk lifecycle, including risk identification, onboarding due diligence, risk tiering, ongoing monitoring, issue management, and ...
This role will encompass Third Party Risk practices being deployed to manufacturing facilities with the intent to minimize GPI's risk exposure related to third parties in the GPI ecosystem. This ...
This role will encompass Third Party Risk practices being deployed to manufacturing facilities with the intent to minimize GPI's risk exposure related to third parties in the GPI ecosystem. This ...
KPMG is currently seeking a Lead Specialist, Third Party Risk Management to join our Managed Services practice. Responsibilities: * Interact with onshore engagements and clients directly performing ...
KPMG is currently seeking a Lead Specialist, Third Party Risk Management to join our Managed Services practice. Responsibilities: * Interact with onshore engagements and clients directly performing ...
Provide Third Party risk and governance subject matter expertise to GPS business partners across GPS global footprint * Support the execution of required Third Party Requirements routines ...
Provide Third Party risk and governance subject matter expertise to GPS business partners across GPS global footprint * Support the execution of required Third Party Requirements routines ...
Risk Analyst I
Atlanta, GA · On-site
Monitor compliance with third-party management policies by reviewing reports and confirming ... Respond promptly to vendor risk management inquiries via email, phone, and Microsoft Teams.
Risk Analyst I
Atlanta, GA · On-site
Monitor compliance with third-party management policies by reviewing reports and confirming ... Respond promptly to vendor risk management inquiries via email, phone, and Microsoft Teams.
Monitor compliance with third-party management policies by reviewing reports and confirming ... Respond promptly to vendor risk management inquiries via email, phone, and Microsoft Teams.
Monitor compliance with third-party management policies by reviewing reports and confirming ... Respond promptly to vendor risk management inquiries via email, phone, and Microsoft Teams.
The SP Program includes third-party service providers that are deemed systemically important to the ... The PCG Risk Specialist collaborates with dedicated supervisory teams and SP program leadership to ...
New
The SP Program includes third-party service providers that are deemed systemically important to the ... The PCG Risk Specialist collaborates with dedicated supervisory teams and SP program leadership to ...
New
The SP Program includes third-party service providers that are deemed systemically important to the ... The PCG Risk Specialist collaborates with dedicated supervisory teams and SP program leadership to ...
The SP Program includes third-party service providers that are deemed systemically important to the ... The PCG Risk Specialist collaborates with dedicated supervisory teams and SP program leadership to ...
Conduct quarterly account reviews with internal stakeholders, including cyber strategy, technology risk, IT audit, governance risk and compliance, privacy, third-party risk, cloud security, incident ...
Conduct quarterly account reviews with internal stakeholders, including cyber strategy, technology risk, IT audit, governance risk and compliance, privacy, third-party risk, cloud security, incident ...
We're looking for a PM who thinks beyond product features and focuses on the key outcomes customers care about most : reducing unknown third-party risk, understanding where AI and agentic ...
Quick apply
Apply Early
We're looking for a PM who thinks beyond product features and focuses on the key outcomes customers care about most : reducing unknown third-party risk, understanding where AI and agentic ...
Apply Early
Cybersecurity Third Party Senior Analyst
Atlanta, GA · On-site
$96K - $124K/yr
The analyst also drives process improvements, develops new risk attribution methods, and refines ... Coordinate with third party risk management, incident response, and infrastructure teams to ...
Cybersecurity Third Party Senior Analyst
Atlanta, GA · On-site
$96K - $124K/yr
The analyst also drives process improvements, develops new risk attribution methods, and refines ... Coordinate with third party risk management, incident response, and infrastructure teams to ...
Cybersecurity Third Party Senior Analyst
Atlanta, GA · On-site
$96K - $124K/yr
The analyst also drives process improvements, develops new risk attribution methods, and refines ... Coordinate with third party risk management, incident response, and infrastructure teams to ...
Cybersecurity Third Party Senior Analyst
Atlanta, GA · On-site
$96K - $124K/yr
The analyst also drives process improvements, develops new risk attribution methods, and refines ... Coordinate with third party risk management, incident response, and infrastructure teams to ...
Lead third-party and vendor security risk assessments and due diligence activities. Compliance & Security Assurance * Manage cybersecurity compliance programs aligned with frameworks and regulations.
Lead third-party and vendor security risk assessments and due diligence activities. Compliance & Security Assurance * Manage cybersecurity compliance programs aligned with frameworks and regulations.
Lead third-party and vendor security risk assessments and due diligence activities. Compliance & Security Assurance * Manage cybersecurity compliance programs aligned with frameworks and regulations.
Lead third-party and vendor security risk assessments and due diligence activities. Compliance & Security Assurance * Manage cybersecurity compliance programs aligned with frameworks and regulations.
Manager, Third Party Vendor Management
Alpharetta, GA · On-site +1
Facilitate legal review and Third Party Risk Management Assessment processes. What We are Looking For (Minimum Qualifications) * Minimum of 5 years of experience in procurement, vendor management, or ...
Manager, Third Party Vendor Management
Alpharetta, GA · On-site +1
Facilitate legal review and Third Party Risk Management Assessment processes. What We are Looking For (Minimum Qualifications) * Minimum of 5 years of experience in procurement, vendor management, or ...
Facilitate legal review and Third Party Risk Management Assessment processes. What We are Looking For (Minimum Qualifications) * Minimum of 5 years of experience in procurement, vendor management, or ...
Facilitate legal review and Third Party Risk Management Assessment processes. What We are Looking For (Minimum Qualifications) * Minimum of 5 years of experience in procurement, vendor management, or ...
This position will also be responsible for oversight and program management of third-party risk management and Business Continuity Planning activities for the organization. They will report on these ...
This position will also be responsible for oversight and program management of third-party risk management and Business Continuity Planning activities for the organization. They will report on these ...
Aravo Solutions, Inc., provides leading third-party risk management (TPRM), ESG, and vendor lifecycle management solutions powered by intelligent automation software and designed to meet the needs of ...
Aravo Solutions, Inc., provides leading third-party risk management (TPRM), ESG, and vendor lifecycle management solutions powered by intelligent automation software and designed to meet the needs of ...
Trusted by millions of third-party users in 195+ countries, Aravo provides guidance for the most complex third-party networks in the world, helping them mitigate risk, build business resilience, and ...
Quick apply
Apply Early
Trusted by millions of third-party users in 195+ countries, Aravo provides guidance for the most complex third-party networks in the world, helping them mitigate risk, build business resilience, and ...
Apply Early
Vendor Analyst, AI & Technology Risk
Atlanta, GA · Hybrid
$85K - $110K/yr
Support Vendor Management in aligning with third-party risk requirements AI Governance Operations * Support execution of AI intake and governance workflows: * Track AIA Forms and FactSheets * Ensure ...
Vendor Analyst, AI & Technology Risk
Atlanta, GA · Hybrid
$85K - $110K/yr
Support Vendor Management in aligning with third-party risk requirements AI Governance Operations * Support execution of AI intake and governance workflows: * Track AIA Forms and FactSheets * Ensure ...
Third Party Risk information
See Georgia salary details
$16.29 is the 25th percentile. Wages below this are outliers.
$12.18 - $16.76
28% of jobs
The median wage is $19.49 / hr.
$16.76 - $21.33
37% of jobs
$21.33 - $25.91
6% of jobs
$28.77 is the 75th percentile. Wages above this are outliers.
$25.91 - $30.48
6% of jobs
$30.48 - $35.06
12% of jobs
$35.06 - $39.64
0% of jobs
$39.64 - $44.21
0% of jobs
$44.21 - $48.79
8% of jobs
$48.79 - $53.36
0% of jobs
$53.36 - $57.94
0% of jobs
$57.94 - $62.52
2% of jobs
$12
$25
$62
How much do third party risk jobs pay per hour?
What are some common challenges faced in a Third Party Risk role and how can they be managed?
What is the difference between Third Party Risk vs Vendor Risk Management?
| Aspect | Third Party Risk | Vendor Risk Management |
|---|---|---|
| Focus | Assessing risks from all external entities, including vendors, partners, and contractors | Evaluating risks specifically associated with third-party vendors |
| Credentials | Risk management certifications, compliance knowledge | Vendor management certifications, procurement experience |
| Work Environment | Corporate risk teams, compliance departments | Procurement, vendor management teams |
| Industry Usage | Financial, healthcare, technology sectors | Primarily in supply chain and procurement functions |
Third Party Risk encompasses a broader scope, including all external entities, while Vendor Risk Management specifically focuses on vendors. Both roles require risk assessment skills and industry knowledge, but Third Party Risk roles often involve broader compliance and strategic oversight.
What are the key skills and qualifications needed to thrive as a Third Party Risk professional, and why are they important?
What is Third Party Risk?

Full-time
This job post has expired 1 day ago. Applications are no longer accepted.
McKinsey & Company rating
8.5
Based on 22 frontline employees who took The Breakroom Quiz
15th of 58 rated business consultants
Job description
YOUR IMPACT
You will lead strategy and program oversight across multiple third-party risk verticals, including suppliers and client-facing collaborators.
You will be responsible for shaping and advancing a unified, end-to-end TPRM framework that supports a diverse and global third-party ecosystem. You will own the design and evolution of the firm's third-party risk lifecycle, including risk identification, onboarding due diligence, risk tiering, ongoing monitoring, issue management, and offboarding governance.
You will ensure that the framework is consistently applied across third-party segments, while incorporating tailored approaches for different risk profiles and engagement models. You will ensure that onboarding processes are efficient, auditable, and aligned with firm risk appetite and user experience expectations.
You will be part of Optimize, McKinsey's global procurement capability, enhancing and protecting the firm's resources and reputation by making responsible buying easy and creating leading solutions and experiences across our third-party ecosystem.You will be joining the Third-Party Risk Strategy pillar of Optimize's Third Party Risk & Social Responsibility team. Thisteam defines and governs the firm's global third-party risk management (TPRM) program, spanning various third-party types and risk domains.
While day-to-day execution is led by the Operations team, you will be accountable for program performance and alignment to strategy. You will assess whether service levels, controls, and processes are operating effectively across verticals, and drive improvements where gaps are identified.
You will define and monitor key program metrics, including service levels, onboarding cycle times, risk coverage, and remediation effectiveness. You will use these insights to optimize performance, reduce risk exposure, and improve the overall third-party experience.
You will partner closely with the governance pillar to inform the development of policies, standards, and control requirements, providing input based on program insights, operational performance, and emerging risks. You will ensure that policies and standards are effectively translated into scalable processes, tools, and workflows across the third-party risk lifecycle. You will stay ahead of evolving regulatory expectations and industry frameworks (e.g., NIST, ISO, SOC, and relevant regulatory guidance), assessing implications for the program and driving necessary enhancements to maintain alignment.
You will own the evolution of third-party risk tooling and digital capabilities, including governance of TPRM platforms, onboarding workflows, data sources, and reporting infrastructure. You will drive the use of data, automation, and analytics to enhance scalability, transparency, and decision-making.
In addition to strategy development, you will lead execution of complex, global initiatives to enhance program capabilities, improve processes, and implement changes across the firm. You will play a key role in strengthening risk management capabilities, including supporting documentation, training, and fostering a strong risk-aware culture.
You will report to the Director of Third Party Risk Strategy and work closely with global stakeholders including Ethics & Compliance, Finance, Legal, Client Service Risk focused specifically on suppliers and client-facing collaborators (CFCs) external entities the firm engages with to deliver products and services, including suppliers, and ecosystem partners. You will be based out of London, Philadelphia, New York, New Jersey, Atlanta, Boston, Miramar, Tampa, or Washington DC office.
YOUR GROWTH
You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact.
In return for your drive, determination, and curiosity, we'll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference.
When you join us, you will have:
- Continuous learning: Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey.
- A voice that matters: From day one, we value your ideas and contributions. You'll make a tangible impact by offering innovative ideas and practical solutions, all while upholding our unwavering commitment to ethics and integrity. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes.
- Global community: With colleagues across 65+ countries and over 100 different nationalities, our firm's diversity fuels creativity and helps us come up with the best solutions. Plus, you'll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences.
- Exceptional benefits: On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family.
YOUR QUALIFICATIONS AND SKILLS
- 10+ years of professional experience with a demonstrable record of impact, including 10+ years in third-party risk management, compliance, or a related field, ideally within a global organization
- Deep expertise in third-party risk management frameworks, including lifecycle design, onboarding processes, and internal control environments across multiple third-party segments
- Experience designing, governing, or advancing enterprise risk programs, with accountability for program performance and outcomes
- Experience in a professional services or consulting environment strongly preferred
- Strong understanding of global regulatory expectations and industry frameworks related to third-party risk (e.g., NIST, ISO, SOC, and relevant regulatory guidance)
- Experience with TPRM/GRC platforms and driving digital enablement, including workflow design, data, reporting, and automation
- Exceptional analytical and problem-solving skills, with the ability to translate complex data into actionable insights
- Excellent judgment and exceptional integrity, as well as distinctive interpersonal and collaborative skills
- Proven ability to lead large, cross-functional initiatives and drive execution in complex, global environments
- Curious mindset and demonstrated ability to learn new concepts and ideas, and to apply those concepts across multiple content areas
- Strong professional computing skills, including Microsoft Office products (i.e. Excel, PowerPoint, Visio)
- Comfortable with ambiguity in a work-setting, knowing how to address and manage unpredictable outcomes
- Superior communication & interpersonal skills, including the ability to present to a global audience on a regular basis, build and maintain highly effective and collaborative relationships
Please review the additional requirements regarding essential job functions of McKinsey colleagues.
Our unwavering commitment to integrity drives everything we do, guiding us to always act in the best interests of our clients, our people, and the communities we serve.
What McKinsey & Company employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom