ZipRecruiter

Log In

1

Vendor Risk Management Jobs in California (NOW HIRING)

Schoolsfirstfcu

Manager, Risk Management

Tustin, CA ยท On-site

... Vendor) and controls within business units are identified and documented and recommendations of enhancement to improve the effectiveness of risk management efforts across the organization are ...

Serverfarm

Risk Manager

Los Angeles, CA ยท On-site

$155K - $175K/yr

Contractor & Risk Transfer Management * Establish and enforce insurance requirements for contractors, consultants, and vendors. * Review contracts, indemnification provisions, and certificates of ...

Sierra

Vendor Security Manager

San Francisco, CA ยท On-site

What You'll Do Program Ownership & Security Risk Management Be the interface between Security and Sierra teams on everything vendor security related, drive risk conversations, and keep the program ...

next page

Showing results 1-20

All JobsVendor Risk Management JobsVendor Risk Management Jobs in California

Vendor Risk Management information

See California salary details

$42.9K

$102.3K

$165.3K

How much do vendor risk management jobs pay per year?

As of Jun 11, 2026, the average yearly pay for vendor risk management in California is $102,346.00, according to ZipRecruiter salary data. Most workers in this role earn between $71,600.00 and $130,300.00 per year, depending on experience, location, and employer.

What is the highest paying risk management job?

In risk management, senior roles such as Chief Risk Officer (CRO) or Director of Risk typically have the highest salaries, often exceeding six figures annually. These positions require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills, especially in financial services, insurance, or large corporations.

Do risk managers make good money?

Risk managers, including those in vendor risk management, typically earn competitive salaries that vary by experience, industry, and location. According to industry reports, median annual salaries range from $70,000 to over $120,000, with additional compensation for certifications like CRISC or FRM. The role often requires strong analytical skills and knowledge of compliance and risk assessment tools.

What are the key skills and qualifications needed to thrive in the Vendor Risk Management position, and why are they important?

To thrive in Vendor Risk Management, you need a solid background in risk assessment, contract analysis, and supply chain management, often supported by a degree in business, finance, or a related field. Familiarity with risk management software, vendor management systems, and relevant certifications such as Certified Third Party Risk Professional (CTPRP) are highly valued. Strong attention to detail, excellent communication, and negotiation skills help build effective vendor relationships and navigate complex scenarios. These capabilities are crucial for ensuring organizational compliance, minimizing third-party risks, and maintaining strong supplier performance.

How much does a Risk Manager get paid?

The average salary for a Risk Manager typically ranges from $80,000 to $130,000 annually, depending on experience, industry, and location. Professionals in vendor risk management often require certifications like CRISC or FRM and may work in financial, healthcare, or technology sectors.

What is a Vendor Risk Management job?

A Vendor Risk Management (VRM) job involves assessing, monitoring, and mitigating risks associated with third-party vendors and suppliers. Professionals in this role evaluate vendor security, compliance, and operational risks to protect their organization from potential disruptions, data breaches, or regulatory violations. They work closely with procurement, legal, and IT teams to establish risk management frameworks and ensure vendors meet contractual and security standards. Their responsibilities often include conducting risk assessments, reviewing vendor contracts, and developing risk mitigation strategies. Effective VRM helps organizations reduce exposure to risks while maintaining productive vendor relationships.

What is a vendor Risk Manager?

A Vendor Risk Manager is responsible for assessing and mitigating risks associated with third-party vendors and suppliers. They evaluate vendor security, compliance, and performance, often using risk management tools and frameworks to ensure organizational safety and regulatory adherence.

What are some common challenges faced in a Vendor Risk Management role?

Professionals in Vendor Risk Management often encounter the challenge of assessing and monitoring a wide range of vendors, each with unique risk profiles and compliance requirements. Balancing multiple projects, managing deadlines, and ensuring clear communication between internal stakeholders and vendors can also be demanding. Staying updated on evolving regulatory standards and quickly adapting to new risks is essential in this role. Overcoming these challenges requires strong organizational skills, continual learning, and proactive relationship management.

What are the most commonly searched types of Vendor Risk Management jobs in California? The most popular types of Vendor Risk Management jobs in California are:
What are popular job titles related to Vendor Risk Management jobs in California? For Vendor Risk Management jobs in California, the most frequently searched job titles are:
What job categories do people searching Vendor Risk Management jobs in California look for? The top searched job categories for Vendor Risk Management jobs in California are:
What cities in California are hiring for Vendor Risk Management jobs? Cities in California with the most Vendor Risk Management job openings:
Vendor Risk Management jobs near you
Infographic showing various Vendor Risk Management job openings in California as of June 2026, with employment types broken down into 86% Full Time, and 14% Part Time. Highlights an 86% In-person, and 14% Remote job distribution, with an average salary of $102,346 per year, or $49.2 per hour.
VP, Head of Enterprise Risk Management (ERM)

VP, Head of Enterprise Risk Management (ERM)

SF Fire Credit Union

San Francisco, CA โ€ข On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 16 days ago

Job description

Where it all began...
In 1951 SF Fire Credit Union first opened its doors from a modest 10' x 15' office space in 17 Engine. It was from those humble beginnings-where everyone pitched in to help one another in their community-that the organization forged its way of business forever. Today, the San Francisco-based credit union has grown to $1.7B in assets and a membership that extends from the regional firefighters we trace our roots back to throughout our many neighbors in San Francisco, San Mateo and Marin Counties. Our members benefit from the ideas and principles that have shaped us: Shared trust, continuous innovation of products and services, competitive rates, and excellent member service. These qualities foster a true sense of member-ownership and strengthen the credit union's bond with the people for whom this credit union was created.
What we stand for...
There are a few things we look for those we hire at SF Fire Credit Union, regardless of role or team.
First, do they align with our values?
Be Personal - Walk the Member/Employee Path
Be a Leader - Empower, Collaborate, Own
Be Outside the Box - Innovate, Educate, Engage
Be Real - Integrity and Transparency Matter
Be the Connection - Serve our Community
Second, will they thrive in a culture like ours, where we default to trust, embrace feedback, and desire to innovate? Finally, do they share our vision to help empower members to accomplish their dreams and build lasting financial security in whatever way is most relevant to their role?
What it feels like...
Most days it feels more like going to work with a big family. Whether it's a pot luck lunch, baking birthday cakes for colleagues in the kitchen, or after-hours get together, we're here to do a great job and have a good time while doing it! We value a good sense of humor, are motivated by a higher purpose, and always bring an "in-this-together" attitude. While we're driven to do great work, we also value real work/life balance.
Is This the Career for You?
The Vice President, Head of Enterprise Risk Management (ERM) is a senior leadership role responsible for designing, implementing, and continuously maturing the Credit Union's enterprise risk management framework. This role provides strategic oversight across all risk disciplines, including ERM, Compliance, Business Continuity Planning (BCP), and Vendor Risk Management.
The VP will lead the organization's efforts to identify, assess, monitor, and mitigate risks across all NCUA risk categories, while ensuring alignment with regulatory expectations, industry best practices, and organizational strategy. A critical component of this role is strong expertise in technology and IT-related risks, including cybersecurity, data governance, and IT compliance.
What You'll Be Doing
Enterprise Risk Management Leadership
  • Lead the development, implementation, and ongoing enhancement of a formal Enterprise Risk Management (ERM) framework aligned with regulatory expectations and industry standards (e.g., COSO ERM Framework).
  • Establish a holistic risk management approach that integrates risk awareness into strategic planning and operational decision-making.
  • Provide enterprise-wide oversight of risk identification, assessment, mitigation, and monitoring activities.
Risk Oversight Across NCUA Risk Categories
  • Maintain oversight across all seven NCUA risk categories, including Credit Risk, Interest Rate Risk, Liquidity Risk, Operational Risk, Compliance Risk, Strategic Risk, and Reputation Risk.
  • Ensure risks are effectively assessed, documented, and managed across all business units.
Risk Assessments & RCSA Program
  • Design and oversee the Enterprise Risk Assessment program to identify emerging and top organizational risks.
  • Lead the implementation and ongoing enhancement of Risk and Control Self-Assessments (RCSA) across the organization.
  • Ensure consistency, quality, and reliability of risk assessments across business lines.
  • Partner with business leaders to strengthen control environments and risk mitigation strategies.
Risk Appetite & Key Risk Indicators (KRIs)
  • Develop, refine, and maintain the organization's Risk Appetite Framework, ensuring alignment with strategic objectives and board expectations.
  • Establish and monitor KRIs and thresholds to proactively manage risk exposure.
  • Provide actionable insights and early warning signals to executive leadership.
Risk Reporting & Governance
  • Deliver comprehensive, timely, and insightful risk reporting to executive management.
  • Establish strong risk governance structures, including policies, committees, and escalation protocols.
  • Ensure transparency and clarity regarding risk exposure, trends, and emerging risks.
Compliance Oversight
  • Oversee the Compliance function, ensuring adherence to applicable laws, regulations, and regulatory guidance.
  • Maintain strong regulatory relationships and support regulatory examinations and audits.
  • Ensure integration of compliance risk into the broader ERM framework.
Business Continuity Planning
  • Provide executive oversight of Business Continuity and Disaster Recovery programs.
  • Ensure organizational resilience through robust continuity planning, testing, and response capabilities.
  • Oversee crisis management frameworks and incident response coordination.
Vendor Risk Management
  • Oversee the Third-Party/Vendor Risk Management program, ensuring appropriate due diligence, risk assessment, and ongoing monitoring.
  • Ensure compliance with regulatory expectations related to third-party risk management.
  • Evaluate concentration risk, critical vendor dependencies, and operational resilience risks.
Technology Risk & IT Compliance
  • Serve as a key leader overseeing technology-related risks, including Cybersecurity Risk, Information Security, Data Privacy & Governance, and Cloud & Third-Party Technology Risks.
  • Partner with IT and Information Security leadership to ensure robust risk identification and mitigation practices.
  • Ensure compliance with relevant regulatory guidance and frameworks (e.g., FFIEC guidance, NCUA expectations).
  • Translate complex technical risks into clear business and executive-level insights.
Leadership & Collaboration
  • Lead, mentor, and develop a multi-functional risk team spanning ERM, Compliance, Business Continuity Planning (BCP), and Vendor Risk Management.
  • Foster a strong risk culture across the organization through training, communication, and leadership.
  • Serve as a trusted advisor to executive leadership on all risk-related matters.
  • Collaborate cross-functionally with Finance, IT, Internal Audit, and business units.

What We Look For In You
  • Bachelor's degree required; advanced degree preferred (e.g., MS in Risk Management or related field).
  • 12-15+ years of progressive experience in risk management, compliance, or related fields within financial services (credit union or banking experience strongly preferred).
  • 10-15 years of experience in senior leadership roles.
Technical & Leadership Expertise
  • Deep knowledge of enterprise risk management frameworks (e.g., COSO ERM).
  • Strong understanding of NCUA regulations and supervisory expectations.
  • Demonstrated expertise in Risk Appetite Frameworks & KRIs, RCSA Programs & Enterprise Risk Assessments, and Risk Governance & Reporting.
  • Strategic thinker with strong execution capabilities.
  • Exceptional communication and relationship management skills.
  • Proven ability to build and mature risk programs within a dynamic environment.
  • Strong analytical, problem-solving, and decision-making capabilities.
  • High integrity and sound judgment.
Physical Demands
  • The physical demands described here are representative of those required to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.
  • While performing the duties of this role, the employee is regularly required to sit for extended periods of time, use hands to handle objects and operate a computer, and communicate verbally and hear effectively.
  • Specific vision abilities required include close vision and the ability to adjust focus.

Note: This job description is non-contractual and is not intended to be an exhaustive list of responsibilities. Duties and responsibilities may be modified or updated at any time.
Salary
This compensation range takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. At SFFCU, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for the San Francisco Market is an annual salary of $156,000 to $234,000.
OUR BENEFITS
We have a competitive compensation and benefits package, but the true reward of working for SF Fire Credit Union goes beyond what you'll see on a pay-stub. We genuinely care our employees and we strive to invest in their professional and personal growth. We're a relatively small organization at about 200 employees, so you can see the impact of your efforts and the value your contributions bring to our members and fellow employees.
  • 401(k) and Employer Match
  • Health, Vision, Dental and Life Insurance
  • Annual Incentive/Bonus Program
  • Tuition Reimbursement Program
  • 11 Paid Holidays + Competitive PTO package
  • Home & Consumer Loan Program (Discounted Rates)
  • Professional development and training programs
  • On-demand personal coaching resource
  • Wellness Program (Discounted Gym Membership)

"Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records."

Apply