Maintain vendor risk documentation and audit evidence. * Draft, review, and maintain information ... Proven ability to manage multiple priorities with strong attention to detail * Excellent ...
Senior GRC Analyst
Westerville, OH · On-site
$92K - $121K/yr
Maintain and improve vendor risk management * Support CMMC compliance and audits * Help design and implement a data governance program * Manage security policies, standards, and updates * Partner ...
Senior Risk Management Analyst
Warren, OH · On-site
$52K - $65K/yr
Perform primary functions of Vendor Management Program including classifying vendors, performing due diligence and risk assessments on vendors, maintaining and monitoring vendor contracts and due ...
Legal Operations Analyst
Cincinnati, OH · On-site
$35 - $40/hr
Manage the third-party vendor inventory and vendor lifecycle within OneTrust * Conduct vendor risk assessments and track remediation activities * Coordinate outreach to vendors for Data Protection ...
Risk Management Professional - Insurance Risk
$99K - $137K/yr
Manage external broker partnerships and insurance vendors, holding partners accountable for top-tier service delivery and cutting-edge market intelligence. * Optimize the company's Total Cost of Risk ...
Job Title: AI Risk Management Administrator Location: Marysville, OH, 43040 (On-site) JOB ... Support third-party and vendor AI risk reviews, including due diligence and ongoing monitoring ...
001903 - Information Security Analyst
Columbus, OH · On-site
$75K - $100K/yr
Apply established risk management, governance, and compliance processes across business operations and technology initiatives. * Support all phases of the vendor risk lifecycle, including due ...
Support and enhance the Third-Party Risk Management (TPRM) program, including conducting vendor risk assessments, reviewing security documentation, leveraging tools such as Viso Trust, and partnering ...
Technology Risk and Controls Lead - Portfolio of Applications
Columbus, OH · On-site
$142K - $200K/yr
Proficiency in third-party and vendor risk management, including due diligence, ongoing monitoring, and control assessments across the vendor lifecycle. * Familiarity with cloud security risk ...
Own the third-party risk framework and partner across Procurement, Finance, Legal, Cyber, Risk, and Technology to strengthen vendor governance, manage risk, and inform long-term investment decisions.
Assists management by overseeing day to day operations for risk adjustment programs including both prospective and retrospective, claims, vendor quality, and audits. * Develops metrics, policies, and ...
Vendor Risk Management information
Salary distribution (annual):
$41.4K - $52.1K: 8% of jobs
$52.1K - $62.8K: 14% of jobs
$62.8K - $73.5K: 6% of jobs
$73.5K - $84.2K: 8% of jobs
$84.2K - $94.9K: 11% of jobs
$94.9K - $105.7K: 13% of jobs
$105.7K - $116.4K: 11% of jobs
$116.4K - $127.1K: 15% of jobs
$127.1K - $137.8K: 8% of jobs
$137.8K - $148.5K: 4% of jobs
$148.5K - $159.2K: 2% of jobs
$67.7K is the 25th percentile. Wages below this are outliers.
The median wage is $97.2K / yr.
$119.6K is the 75th percentile. Wages above this are outliers.
How much do vendor risk management jobs pay per year?
What is the highest paying risk management job?
Do risk managers make good money?
What are the key skills and qualifications needed to thrive in the Vendor Risk Management position, and why are they important?
To thrive in Vendor Risk Management, you need a solid background in risk assessment, contract analysis, and supply chain management, often supported by a degree in business, finance, or a related field. Familiarity with risk management software, vendor management systems, and relevant certifications such as Certified Third Party Risk Professional (CTPRP) are highly valued. Strong attention to detail, excellent communication, and negotiation skills help build effective vendor relationships and navigate complex scenarios. These capabilities are crucial for ensuring organizational compliance, minimizing third-party risks, and maintaining strong supplier performance.
How much does a Risk Manager get paid?
What is a Vendor Risk Management job?
A Vendor Risk Management (VRM) job involves assessing, monitoring, and mitigating risks associated with third-party vendors and suppliers. Professionals in this role evaluate vendor security, compliance, and operational risks to protect their organization from potential disruptions, data breaches, or regulatory violations. They work closely with procurement, legal, and IT teams to establish risk management frameworks and ensure vendors meet contractual and security standards. Their responsibilities often include conducting risk assessments, reviewing vendor contracts, and developing risk mitigation strategies. Effective VRM helps organizations reduce exposure to risks while maintaining productive vendor relationships.
What is a vendor Risk Manager?
What are some common challenges faced in a Vendor Risk Management role?
Professionals in Vendor Risk Management often encounter the challenge of assessing and monitoring a wide range of vendors, each with unique risk profiles and compliance requirements. Balancing multiple projects, managing deadlines, and ensuring clear communication between internal stakeholders and vendors can also be demanding. Staying updated on evolving regulatory standards and quickly adapting to new risks is essential in this role. Overcoming these challenges requires strong organizational skills, continual learning, and proactive relationship management.

Owens Corning rating
8.0
Based on 98 frontline employees who took The Breakroom Quiz
133rd of 519 rated manufacturers
Job description
The IT Security Lead - Risk Management is a critical member of the Owens Corning Global Information Services (GIS) Security team. This role supports the Governance, Risk, and Compliance (GRC) function by executing cybersecurity governance activities, performing risk assessments, maintaining security policies and standards, supporting audits, and enabling compliance across the enterprise.
This role has global responsibility for identifying, analyzing, documenting, and communicating cybersecurity risks and control gaps in support of the cybersecurity risk framework. Strong analytical skills are required to assess complex environments, identify emerging risks and inconsistencies, and translate findings into clear, actionable guidance for risk owners and leadership.
The IT Security Lead - Risk Management also supports cybersecurity compliance activities across projects, programs, facilities, and business functions. This role manages information security communications, including policies, standards, and related requirements, ensuring updates are documented, approved, and communicated in alignment with governance expectations.
Success in this role requires comfort operating in a fast-paced environment, managing multiple priorities, and adjusting to changing business needs. Curiosity, integrity, honesty, and strong attention to detail are essential, particularly when working with regulatory requirements, audit evidence, risk documentation, and enterprise reporting.
Reports to: IT Security Leader - Governance, Risk and Compliance
Span of Control: Individual Contributor
JOB RESPONSIBILITIES
Knowing Our Businesses and their Strategies
- Maintain strong awareness of evolving security standards, regulatory requirements, and industry best practices, and assess their impact on organizational risk posture and compliance obligations.
- Enable effective governance and audit readiness for Business Continuity and Disaster Recovery (BCP/DR) controls, aligned with information security, incident response, and compliance requirements.
- Identify opportunities to align security and compliance initiatives with strategic business programs (e.g., digital transformation, AI adoption, operational resilience), ensuring security is embedded as a business enabler rather than a constraint.
- Provide governance support for AI and machine-learning capabilities by maintaining and evolving security, governance, and responsible-AI policies aligned to enterprise objectives; executing AI security and risk assessments to identify control gaps and emerging risks; coordinating with Legal, Privacy, and business stakeholders to ensure alignment with regulatory, ethical, and compliance expectations; and continuously monitoring regulatory developments, industry trends, and emerging risks to inform and strengthen governance practices.
Executing Strategy
- Support enterprise cybersecurity governance and compliance efforts, including development and maintenance of information security policies, standards, procedures, and ISO 27001 ISMS documentation.
- Perform compliance and assurance activities, including internal control reviews and external audit coordination.
- Perform information security risk assessments in accordance with the cybersecurity risk framework.
- Identify control gaps, weaknesses, and emerging risks, and document findings clearly and consistently.
- Support risk owners with analysis, impact statements, and documentation.
- Track and report risk remediation activities and status.
- Execute third-party security assessments aligned with vendor risk management processes.
- Document vendor risks, control gaps, and remediation actions.
- Maintain vendor risk documentation and audit evidence.
- Draft, review, and maintain information security policies, standards, procedures, and guidelines.
- Ensure policies align with ISO 27001, regulatory requirements, and internal governance standards.
- Perform ongoing control testing and monitoring activities.
- Track audit findings, remediation activities, and evidence closure.
Influencing in the Function
- Collaborate with cross-functional partners to support security and compliance requirements.
- Partner with Internal Controls, Internal Audit, and external auditors to provide evidence, documentation, and subject matter expertise.
- Engage with application and system owners to assess control effectiveness and document risk posture.
- Communicate findings clearly, distinguishing between required controls and best-practice recommendations.
- Prepare accurate, well-articulated reports on ISMS status, assessment results, and compliance metrics.
- Support documentation, publication, and communication of approved policy and control changes.
- Promote a culture of accountability, transparency, and continuous improvement within information security.
Developing Talent
- Support security awareness activities related to policy understanding and adherence.
- Mentor and coach team members to build information security knowledge, risk awareness, and governance capabilities.
- Share knowledge with a broader audience through training sessions, forums, and cross-functional engagements on information security topics.
- Proactively communicate security expectations, emerging risks, and best practices to drive awareness and adoption across the organization.
- Identify opportunities to improve documentation quality, assessment consistency, and governance processes while enabling team learning and growth.
JOB REQUIREMENTS
MINIMUM QUALIFICATIONS
- Bachelor's degree in Computer Science, Information Systems, or Information Technology; equivalent experience may be considered in lieu of a degree
- 5+ years of information security experience
- 3+ years supporting governance, risk, and compliance functions
KNOWLEDGE, SKILLS AND ABILITIES
- Strong understanding of project and operational execution in complex environments, with a hands-on, delivery-focused approach
- Strong knowledge of security controls, data classification, regulatory requirements, and privacy standards, including working knowledge of ISO 27001
- Excellent analytical, documentation, and problem-solving skills, with the ability to translate risks into clear, actionable controls and audit evidence
- Proven ability to build trust and work effectively across a highly matrixed, global organization, engaging stakeholders with varying levels of technical expertise
- Proven ability to manage multiple priorities with strong attention to detail
- Excellent communication, organizational, and interpersonal skills
- Self-starter with curiosity and a continuous improvement mindset
- Service-oriented professional with high personal standards and accountability
- Working knowledge of AI governance, responsible AI principles, and emerging regulatory considerations, with the ability to translate evolving risks into practical security and compliance frameworks
- Experience supporting business continuity, disaster recovery, or operational resilience initiatives from a security or compliance perspective
- Demonstrated ability to distinguish between mandatory security requirements and best practices, and clearly articulate that distinction
- Ability to travel up to 10%, domestically
About Owens Corning
Owens Corning is a branded building products leader with three complementary market-leading businesses providing roofing, insulation, and doors primarily for residential markets in North America and Europe. The company operates with an integrated go-to-market strategy and a unique set of OC Advantages™ - including its iconic brand, unparalleled commercial strength, leading technology, and winning cost position - to help customers win and grow in the market. Owens Corning is committed to helping build better and achieve more through winning partnerships, leading performance, and engaging people. Founded in 1938 and headquartered in Toledo, Ohio, Owens Corning is listed on the New York Stock Exchange (NYSE: OC). For more information, visit www.owenscorning.com.
Owens Corning is an equal opportunity employer. Except in limited circumstances such as formal apprenticeship programs, Owens Corning does not employ anyone under the age of 18.
About OWENS CORNING
Sourced by ZipRecruiter
Owens Corning (OC) develops, manufactures and markets insulation, roofing, and fiberglass composites. Global in scope and human in scale, the company's market-leading businesses use their deep expertise in materials, manufacturing and building science to develop products and systems that save energy and improve comfort in commercial and residential buildings. Through its glass reinforcements business, the company makes thousands of products lighter, stronger and more durable. Ultimately, Owens Corning people and products make the world a better place. Based in Toledo, Ohio, Owens Corning posted 2017 sales of $6.4 billion and employs 19,000 people in 37 countries. It has been a Fortune 500® company for 64 consecutive years. For more information, please visit www.owenscorning.com. A career at Owens Corning offers the ability to enhance your expertise and achieve your personal and professional aspirations. Through it all, we'll empower you with an environment that encourages open communication and big ideas, competitive pay for your performance, comprehensive benefits, and more opportunities to make your impact.
Industry
Construction materials wholesalers
Company size
10,000+ Employees
Headquarters location
Toledo, OH, US