Third Party Vendor Risk Management Jobs (NOW HIRING)

The Vendor Risk Management Analyst will be responsible for assessing, monitoring, and mitigating risks associated with third-party vendors to ensure compliance with organizational policies, industry ...

Third Party Vendor Risk Management information

$43.5K

$103.7K

$167.5K

How much do third party vendor risk management jobs pay per year?

As of Jun 22, 2026, the average yearly pay for third party vendor risk management in the United States is $103,704.00, according to ZipRecruiter salary data. Most workers in this role earn between $72,500.00 and $132,000.00 per year, depending on experience, location, and employer.

What are some common challenges faced in Third Party Vendor Risk Management roles, and how can they be addressed?

Professionals in Third Party Vendor Risk Management often encounter challenges such as evaluating vendor risk with limited visibility, ensuring timely compliance documentation, and coordinating risk assessments across multiple departments. To address these, effective communication skills and the ability to build strong relationships with both vendors and internal stakeholders are essential. Utilizing centralized risk management tools and staying updated on regulatory requirements can help streamline processes and reduce oversight gaps, making the role both impactful and dynamic.

What is third-party vendor risk management?

Third-party vendor risk management is the process of identifying, assessing, and mitigating risks associated with external vendors or suppliers that provide goods or services to an organization. It involves evaluating vendor security, compliance, and performance to protect the organization from potential disruptions, data breaches, or regulatory issues. Professionals in this field often use risk assessment tools and may hold certifications like Certified Third Party Risk Professional (CTPRP).

What is the salary of a third party risk management consultant?

The salary of a third party risk management consultant typically ranges from $70,000 to $130,000 annually, depending on experience, location, and industry. Professionals with certifications like CRMP or CTPRM and strong analytical skills tend to earn higher salaries. Entry-level roles may start lower, while senior consultants with specialized expertise can earn more.

What is the difference between Third Party Vendor Risk Management vs Vendor Compliance Specialist?

| Aspect | Third Party Vendor Risk Management | Vendor Compliance Specialist |
| --- | --- | --- |
| Primary Focus | Assessing and mitigating risks associated with third-party vendors | Ensuring vendors comply with legal, regulatory, and internal standards |
| Certifications | Certifications like CRISC, CTPRP, or vendor risk management courses | Certifications such as CCEP, CCEP-I, or compliance-specific credentials |
| Work Environment | Risk management teams within finance, IT, or procurement departments | Compliance departments or legal teams within organizations |
| Industry Usage | Common in finance, healthcare, and technology sectors | Prevalent across regulated industries like finance, healthcare, and manufacturing |

While both roles focus on vendor-related activities, Third Party Vendor Risk Management emphasizes assessing and mitigating risks posed by vendors, whereas Vendor Compliance Specialists concentrate on ensuring vendors adhere to applicable standards and regulations. Both roles are essential for maintaining organizational integrity and reducing operational risks.

How much does a third party risk analyst make?

A third party risk analyst typically earns between $60,000 and $100,000 annually, depending on experience, location, and industry. Entry-level positions may start lower, while experienced analysts with certifications like CRISC or CISSP can earn higher salaries. The role often requires strong analytical skills and knowledge of risk management tools and frameworks.

What are the key skills and qualifications needed to thrive in Third Party Vendor Risk Management, and why are they important?

To thrive in Third Party Vendor Risk Management, you need a solid understanding of risk assessment, compliance frameworks, and vendor management processes, often supported by a degree in business, information security, or a related field. Familiarity with risk management software, GRC (Governance, Risk, and Compliance) tools, and certifications like CTPRP or CISA are commonly required. Strong analytical thinking, communication, and negotiation skills help professionals build effective relationships and convey risk findings. These skills are critical for identifying, mitigating, and managing risks associated with third-party vendors, ultimately protecting organizational interests and ensuring regulatory compliance.

Is third party risk management a good career?

Third Party Vendor Risk Management is a growing field focused on assessing and mitigating risks associated with external vendors and partners. It requires skills in risk assessment, compliance, and often involves using tools like GRC platforms; certifications such as Certified Third Party Risk Professional (CTPRP) can enhance career prospects. The role offers opportunities in various industries, with a focus on regulatory compliance and security, making it a stable and in-demand career choice.
Infographic showing various Third Party Vendor Risk Management job openings in the United States as of June 2026, with employment types broken down into 1% Locum Tenens, 6% As Needed, 54% Full Time, 18% Part Time, and 21% Contract. Highlights an 89% Physical, 4% Hybrid, and 7% Remote job distribution, with an average salary of $103,704 per year, or $49.9 per hour.
Vendor Risk Specialist

PrincePerelson and Associates

Salt Lake City, UT • On-site, Remote

$95K/yr

Other

Medical, Retirement, PTO

Posted 4 days ago


Job description

Vendor Risk Specialist

Salt Lake City, UT


A rapidly growing financial technology organization is seeking a Vendor Risk Specialist to join its Information Security team. This individual will be part of a small team responsible for evaluating and managing risks associated with third-party vendors and service providers.


The role focuses on assessing information security, operational, financial, regulatory, and business continuity risks. The successful candidate will work closely with internal stakeholders and external vendors to gather documentation, evaluate controls, identify risks, and support remediation efforts.


Responsibilities

  • Conduct third-party vendor risk assessments, including reviews of security controls, policies, procedures, and independent audit reports.
  • Partner with internal business owners and external vendors to collect required documentation and responses to due diligence questionnaires.
  • Evaluate vendor security programs and recommend mitigating or compensating controls when necessary.
  • Track identified risks and remediation activities with vendors and internal stakeholders.
  • Escalate unresolved or high-risk findings to leadership for review and acceptance.
  • Maintain reporting and metrics related to the vendor risk management program.
  • Support broader governance, risk, and compliance initiatives as needed.


Qualifications

  • 5+ years of experience in technology, information security, risk management, or a related field.
  • 2–3 years of experience specifically focused on vendor risk management, third-party risk, or security assessments.
  • Bachelor's degree in Computer Science, Information Security, Information Systems, or a related discipline.
  • Familiarity with vendor governance, risk, and compliance (GRC) platforms.
  • Understanding of security frameworks such as ISO 27001, NIST, or comparable standards.
  • Knowledge of regulatory, privacy, and compliance requirements impacting third-party risk management.
  • Experience assessing cloud-based service providers and modern technology environments.
  • Strong analytical, organizational, and communication skills.
  • Detail-oriented with the ability to manage multiple assessments simultaneously.
  • Self-motivated with a desire to continuously learn and develop expertise.


Compensation & Benefits

The organization offers a competitive compensation package that may include base salary, annual bonus opportunities, long-term incentive programs, and a comprehensive benefits package. Benefits include healthcare coverage, retirement savings programs, paid time off, parental leave, and additional wellness resources.


Work Environment

This position works in office Monday through Thursday with the option of Fridays at home.




PrincePerelson & Associates is an Equal Opportunity Employer and complies with all provisions of the EEO and ADA laws. We do not discriminate in our employment practices on the basis of race, color, religion, national origin, sex (including sexual orientation and sexual identity), age, genetic information, parental status, military status, disability, or any non-merit-based factors or other federal, state, or locally protected class. All applicants applying for U.S. job openings must be authorized to work in the United States.