1

Third Party Risk Jobs in Minnesota (NOW HIRING)

Support and help shape governance, risk, and compliance initiatives (e.g., NIST, ISO, SOC 2). * Lead security assessments, audits, and third-party risk reviews. * Contribute to long-term ...

Support and help shape governance, risk, and compliance initiatives (e.g., NIST, ISO, SOC 2). * Lead security assessments, audits, and third-party risk reviews. * Contribute to long-term ...

Support and help shape governance, risk, and compliance initiatives (e.g., NIST, ISO, SOC 2). * Lead security assessments, audits, and third-party risk reviews. * Contribute to long-term ...

Support and help shape governance, risk, and compliance initiatives (e.g., NIST, ISO, SOC 2). * Lead security assessments, audits, and third-party risk reviews. * Contribute to long-term ...

Third-Party Risk Management (TPRM) * 10+ years of demonstrated deep technical expertise in ServiceNow, typically evidenced by advanced ServiceNow certifications (e.g., Certified Application Developer ...

Manage vendor and third-party risk, including building and administering the OneTrust Vendor Risk Management platform and conducting annual security reviews. Cross-Functional Collaboration * Partner ...

Manage vendor and third-party risk, including building and administering the OneTrust Vendor Risk Management platform and conducting annual security reviews. Cross-Functional Collaboration * Partner ...

next page

Showing results 1-20

Third Party Risk information

See Minnesota salary details

$14

$29

$72

How much do third party risk jobs pay per hour?

As of Jul 18, 2026, the average hourly pay for third party risk in Minnesota is $29.71, according to ZipRecruiter salary data. Most workers in this role earn between $19.09 and $37.88 per hour, depending on experience, location, and employer.

What are some common challenges faced in a Third Party Risk role and how can they be managed?

Professionals in Third Party Risk often encounter challenges such as managing a large and diverse vendor portfolio, staying updated on regulatory requirements, and ensuring timely risk assessments. Navigating communication gaps between internal stakeholders and external vendors can also be demanding. These challenges are typically managed by implementing robust risk assessment frameworks, fostering cross-functional collaboration, and leveraging technology to streamline due diligence and monitoring processes. Continuous training and clear communication protocols further help in addressing these complexities and maintaining effective third-party risk management.

What is the difference between Third Party Risk vs Vendor Risk Management?

AspectThird Party RiskVendor Risk Management
FocusAssessing risks from all external entities, including vendors, partners, and contractorsEvaluating risks specifically associated with third-party vendors
CredentialsRisk management certifications, compliance knowledgeVendor management certifications, procurement experience
Work EnvironmentCorporate risk teams, compliance departmentsProcurement, vendor management teams
Industry UsageFinancial, healthcare, technology sectorsPrimarily in supply chain and procurement functions

Third Party Risk encompasses a broader scope, including all external entities, while Vendor Risk Management specifically focuses on vendors. Both roles require risk assessment skills and industry knowledge, but Third Party Risk roles often involve broader compliance and strategic oversight.

What are the key skills and qualifications needed to thrive as a Third Party Risk professional, and why are they important?

To thrive as a Third Party Risk professional, you need a solid understanding of risk management principles, vendor assessment processes, and relevant regulatory frameworks, often supported by a degree in business, finance, or a related field. Familiarity with risk assessment tools, GRC (governance, risk, and compliance) software, and certifications such as Certified Third Party Risk Professional (CTPRP) are common requirements. Strong analytical thinking, attention to detail, and effective communication skills help you evaluate vendors and influence stakeholders. These skills are vital for identifying, mitigating, and managing risks associated with third-party relationships to protect organizational integrity and compliance.

What is Third Party Risk?

Third Party Risk refers to the potential risks and vulnerabilities an organization faces when working with external vendors, suppliers, or service providers. These risks can include data breaches, compliance violations, operational disruptions, and reputational damage resulting from the actions or failures of third parties. Managing third party risk involves identifying, assessing, monitoring, and mitigating these risks to protect the organization’s interests and ensure regulatory compliance.
What are the most commonly searched types of Third Party Risk jobs in Minnesota? The most popular types of Third Party Risk jobs in Minnesota are:
What are popular job titles related to Third Party Risk jobs in Minnesota? For Third Party Risk jobs in Minnesota, the most frequently searched job titles are:
What job categories do people searching Third Party Risk jobs in Minnesota look for? The top searched job categories for Third Party Risk jobs in Minnesota are:
Lead Cybersecurity Specialist

Lead Cybersecurity Specialist

Legence

Minneapolis, MN • On-site

$125K - $165K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 3 days ago


Job description

About Legence
Legence (Nasdaq: LGN) is a leading provider of engineering, consulting, installation, and maintenance services for mission-critical systems in buildings. The company specializes in designing, fabricating, and installing complex HVAC, process piping, and other mechanical, electrical, and plumbing (MEP) systems-enhancing energy efficiency, reliability, and sustainability in new and existing facilities. Legence also delivers long-term performance through strategic upgrades and holistic solutions. Serving some of the world's most technically demanding sectors, Legence counts over 60% of the Nasdaq-100 Index among its clients.
Location: Remote, United States. Near Legence office preferred.
The Lead Cybersecurity Specialist within the Legence IT Security organization will be responsible for helping advance the company's overall security posture. This role goes beyond operational support to include architecture, risk strategy, and cross-functional leadership. This role will work with other IT pillars and team members to implement, and continuously improve security controls that protect enterprise systems, cloud environments, and data against evolving threats while aligning with business objectives and regulatory requirements. This role will provide team leadership to junior staff members
About the Role
We are seeking a highly skilled Lead Cybersecurity Specialist to lead a team of cyber analysts tasked with advancing Legence's security posture and reducing risk. This role is critical to ensuring the integrity, reliability, and security of our IT systems and processes. The ideal candidate will bring deep cyber experience, the ability to develop team members, the ability to communicate with business and IT partners, and a focus in ITGC audits, tool selection, continuous improvement, and cross-functional project management.
Key Responsibilities
  • Cloud Security & Architecture
    • Ensure the implementation and governance of secure cloud architectures across platforms.
    • Continue development, enforcement, and governance of cyber security controls (including identity, access management, and workload protection).
    • Partner with engineering teams to embed security into cloud-native development and DevOps processes (DevSecOps).
  • Enterprise Risk Management
    • Evolve the organization's security risk management program.
    • Conduct risk assessments, threat modeling, and control evaluations.
    • Translate technical risks into business impact and present recommendations to senior leadership.
  • Security Engineering & Automation
    • Develop and maintain advanced automation frameworks and scripts to improve detection, response, and compliance capabilities.
    • Lead efforts to integrate security tooling (SIEM, EDR, CSPM, etc.) into a cohesive security ecosystem.
  • Threat Detection & Incident Response
    • Oversee monitoring and detection strategies across networks, endpoints, and cloud environments.
    • Lead incident response efforts, including triage, containment, root cause analysis, and post-incident improvements.
    • Drive continuous improvement of detection use cases and response playbooks.
  • Vulnerability Management & Offensive Security
    • Lead vulnerability management lifecycle, including scanning, prioritization, and remediation strategies.
    • Coordinate perform penetration testing and adversary simulations.
    • Provide expert guidance on remediation and risk prioritization.
  • Governance, Compliance & Security Strategy
    • Support and help shape governance, risk, and compliance initiatives (e.g., NIST, ISO, SOC 2).
    • Lead security assessments, audits, and third-party risk reviews.
    • Contribute to long-term cybersecurity strategy, roadmap planning, and security metrics reporting.
  • Leadership & Collaboration
    • Act as a technical mentor and escalation point for junior analysts and engineers.
    • Oversee the career development of security team members
    • Collaborate with IT, engineering, and business stakeholders to align security initiatives with organizational goals.
    • Stay ahead of emerging threats, technologies, and industry trends, bringing proactive recommendations to leadership.

Qualifications
  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
  • 5-10+ years of experience in cybersecurity, with demonstrated progression into senior or lead responsibilities.
  • Deep expertise in cloud security, network security, and enterprise security architecture.
  • Strong experience with security technologies such as SIEM, EDR, IDS/IPS, firewalls, and encryption.
  • Proven experience in risk management, incident response, and vulnerability management.
  • Proficiency in scripting or programming (e.g., Python, PowerShell, Bash) for automation and security engineering.
  • Experience with security frameworks and compliance standards (e.g., NIST, ISO 27001, CIS).
  • Strong analytical, problem-solving, and decision-making skills.
  • Excellent communication skills, with the ability to influence technical and non-technical stakeholders.

Preferred Qualifications
  • Industry certifications such as CISSP, CISM, CCSP, or GIAC.
  • Experience leading security initiatives or small teams.

Compensation: $125k-$165k, depending on experience. This role is also eligible for an annual performance-based bonus. Bonus eligibility and payout are determined by role, individual performance, and company performance, and are not guaranteed.
#LI-JS1 #LI-Remote
Benefits Overview
401(k) Plan with Company Match: Currently match contributions dollar-for-dollar up to 4% of eligible pay; immediate vesting.
Health & Welfare Benefits: Employer provided medical, dental, vision, prescription drug, Employee Assistance Program and accident & illness coverage.
Life and Disability Insurance: Employer provided basic life insurance and AD&D valued at 50K coverage amount with the option for voluntary buy up for additional coverage.
Time Off: Flexible non-accrual vacation; company holidays per policy. (For California employees, this is separate from California paid sick leave, if applicable.)
Expenses: Business travel and related expenses reimbursed per company policy.
Reasonable Accommodations
If you need assistance or accommodations during the application or interview process, please contact us at ta@wearelegence.com or your dedicated recruiter with the job title and requisition number.
Employment Eligibility
Candidates must have current work authorization in the U.S.; visa sponsorship is not available for this position.
Third-Party Recruiting Disclaimer
Legence and its affiliates do not accept unsolicited resumes from agencies; any such submissions without a prior signed agreement authorized by Legence Holdings LLC's CHRO or Director of Talent Acquisition will not incur fees and are considered property of Legence.
Pay Disclosure & Considerations
Where pay ranges are indicated, please note that a successful candidate's exact pay will be determined based relevant job-related factors, including any of the following: candidate's experience, skills, and qualifications, as well as geographic and market considerations. We are committed to ensuring fair and competitive compensation for all employees and comply with all applicable salary transparency laws.
Equal Employment Opportunity Employer
Legence and its affiliate companies are proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), marital or familial status, national origin, age, disability, genetic information (including family medical history), political affiliation, military service, other non-merit-based factors, and any other characteristic protected under applicable local, state or federal laws and regulations.
EEO is the Law