1

Vendor Risk Management Jobs (NOW HIRING)

Knowledge of risk management frameworks and regulatory requirements * Thorough understanding of the ... vendors (CFPB, FNMA, HUD, OCC, etc.). * Advancedproficiencyin general computer use (MS Word, Excel ...

Job Summary The Technology Risk Assessor is responsible for managing and assessing a portfolio of technology vendors, with a focus on vendor risk, performance, and overall value delivery. This role ...

Governance & Risk Analyst

Chicago, IL · On-site

$85K - $95K/yr

Key Responsibilities Third-Party Risk Management (TPRM) & Vendor Risk Assessments (VRA) * Conduct end-to-end Vendor Risk Assessments (VRA) including initiation, analysis, follow-ups, and final ...

Risk Manager

Mclean, VA · On-site

$55 - $60/hr

Provide strategic thinking on next levels of maturity in Technology & Vendor Risk management * Act as a cross functional partner in the deployment of our information security program within the ...

WM Vendor Risk Associate

New York, NY · On-site

$58K - $115K/yr

The Wealth Management (WM) Chief Data Office (CDO) sits within the WM Risk organization and strives ... The Vendor Risk Team within WM CDO works to ensure third-party relationships supporting WM are ...

next page

Showing results 1-20

Vendor Risk Management information

See salary details

$43.5K

$103.7K

$167.5K

How much do vendor risk management jobs pay per year?

As of Jul 15, 2026, the average yearly pay for vendor risk management in the United States is $103,704.00, according to ZipRecruiter salary data. Most workers in this role earn between $72,500.00 and $132,000.00 per year, depending on experience, location, and employer.

What is the highest paying risk management job?

In risk management, senior roles such as Chief Risk Officer (CRO) or Director of Risk Management tend to have the highest salaries, often exceeding six figures annually. These positions require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills, especially in financial services, insurance, or large corporations.

What is a vendor risk management job description?

A vendor risk management job involves assessing and monitoring the risks associated with third-party vendors to ensure compliance with security, legal, and operational standards. Responsibilities include conducting risk assessments, developing mitigation strategies, and maintaining vendor relationships, often using tools like risk management software. Strong analytical skills and knowledge of regulatory requirements are essential for this role.

What are the key skills and qualifications needed to thrive in the Vendor Risk Management position, and why are they important?

To thrive in Vendor Risk Management, you need a solid background in risk assessment, contract analysis, and supply chain management, often supported by a degree in business, finance, or a related field. Familiarity with risk management software, vendor management systems, and relevant certifications such as Certified Third Party Risk Professional (CTPRP) are highly valued. Strong attention to detail, excellent communication, and negotiation skills help build effective vendor relationships and navigate complex scenarios. These capabilities are crucial for ensuring organizational compliance, minimizing third-party risks, and maintaining strong supplier performance.

How much does a risk manager get paid?

A risk manager's salary typically ranges from $70,000 to $130,000 annually, depending on experience, industry, and location. Professionals with certifications like CRM or FRM and strong analytical skills tend to earn higher salaries, especially in financial services and corporate sectors.

What is vendor risk management?

Vendor risk management is a process used by organizations to identify, assess, and mitigate risks associated with third-party vendors. It involves evaluating vendors' security, compliance, and operational practices to ensure they do not pose threats to the organization’s data, reputation, or operations, often supported by tools like risk assessment frameworks and requiring ongoing monitoring.

What is a Vendor Risk Management job?

A Vendor Risk Management (VRM) job involves assessing, monitoring, and mitigating risks associated with third-party vendors and suppliers. Professionals in this role evaluate vendor security, compliance, and operational risks to protect their organization from potential disruptions, data breaches, or regulatory violations. They work closely with procurement, legal, and IT teams to establish risk management frameworks and ensure vendors meet contractual and security standards. Their responsibilities often include conducting risk assessments, reviewing vendor contracts, and developing risk mitigation strategies. Effective VRM helps organizations reduce exposure to risks while maintaining productive vendor relationships.

What are some common challenges faced in a Vendor Risk Management role?

Professionals in Vendor Risk Management often encounter the challenge of assessing and monitoring a wide range of vendors, each with unique risk profiles and compliance requirements. Balancing multiple projects, managing deadlines, and ensuring clear communication between internal stakeholders and vendors can also be demanding. Staying updated on evolving regulatory standards and quickly adapting to new risks is essential in this role. Overcoming these challenges requires strong organizational skills, continual learning, and proactive relationship management.

More about Vendor Risk Management jobs
What cities are hiring for Vendor Risk Management jobs? Cities with the most Vendor Risk Management job openings:
What are the most commonly searched types of Vendor Risk Management jobs? The most popular types of Vendor Risk Management jobs are:
What states have the most Vendor Risk Management jobs? States with the most job openings for Vendor Risk Management jobs include:
Infographic showing various Vendor Risk Management job openings in the United States as of July 2026, with employment types broken down into 1% As Needed, 82% Full Time, 14% Part Time, 1% Temporary, and 2% Contract. Highlights an 88% Physical, 2% Hybrid, and 10% Remote job distribution, with an average salary of $103,704 per year, or $49.9 per hour.

Vice President, Operational Risk Management

Golubcapital

Dallas, TX • On-site

Full-time

Retirement, PTO

Posted 6 days ago


Job description

Position Information

Hiring Manager:

Associate Director

Department:

Operational Risk Management

Department Overview

The Operational Risk Management ("ORM") Department is responsible for the Risk Mitigation Framework. The Risk Mitigation Framework provides the process, tools and approach that are needed to support and enhance the control environment required to minimize operational risks related to Golub Capital's non-investment functions. The Risk Mitigation Framework was created to minimize material losses, provide process and internal control oversight, and anticipate potential material loss events. The Risk Mitigation Framework is comprised of a set of consistent and repeatable elements that allow Golub Capital to identify, assess, mitigate, and report on the operational risk profile of the firm. The Risk Mitigation programs include Risk and Control Self-Assessment ("RCSA"), Issue Management ("IM"), Vendor Risk Management ("VRM"), Business Continuity Management ("BCM"), and Internal Control Testing ("ICT").

Position Responsibilities

The essential functions of this role include participating in the assessment of risks facing Golub Capital and supporting the development of a comprehensive plan to identify, measure, monitor and report risk components. We are seeking an individual to support the continued development of this function and help advance the program. This individual will serve as a subject matter expert for the Vendor Risk Management (VRM) and Business Continuity Management (BCM) programs and will be responsible for expanding the program's capabilities, increasing participation and driving process improvements.

This role requires strong project management skills to develop detailed plans, track progress, manage obstacles and deliver initiatives on time and within budget. This is an internal client-facing role requiring communication with users at all levels of the organization.

Responsibilities include but are not limited to:

  • Overseeing the development and implementation of initiatives and tasks associated with the VRM and BCM programs
  • Guiding the implementation of the VRM framework, providing strategic direction to the First and Second Line of Defense
  • Managing the central vendor repository for the Firm and overseeing the automation of vendor on-boarding and off-boarding processes
  • Ensuring effective vendor risk mitigation plans and providing stakeholders with visibility into current and emerging risks
  • Leading VRM training initiatives to ensure effective application and awareness of the program across the Firm
  • Staying informed of industry developments and regulatory requirements, ensuring compliance and proactive adaptation
  • Liaising with third-party vendors, as required
  • Creating and maintaining VRM and BCM-related reporting for senior management and oversight committees
  • Proactively identifying, tracking and analyzing operational risks within Golub Capital and implementing critical control improvement
  • Representing the ORM Team interests at internal meetings, committees and working groups
  • Building and maintaining relationships with key ORM stakeholders, promoting a robust risk culture
  • Delivering concise risk assessments and program insights to senior management to support informed decisionmaking
  • Cultivating strong crossfunctional relationships to advance program understanding and enterprisewide adoption

Candidate Requirements

Qualifications & Experience:

  • Bachelor's degree required
  • 10+ years of experience in financial services risk management, management information systems or related role
  • Experience and detailed knowledge of third-party risk management, financial services industry practices, internal controls and regulatory requirements
  • Certifications (Preferred): Operational Risk Management Certificate, Certified Third Party Risk Management Professional (C3PRMP) or Project Management (PMP)
  • Experience and knowledge with operational loss causes, measures and mitigation strategies
  • Experience analyzing Excel reports with ability to leverage formulas preferred
  • Experience with third-party risk management systems (Processuntiy, Aravo)
  • Assertive, self-motivated, team oriented, flexible and able to multi-task
  • Excellent analytical and problem-solving skills
  • Exceptional written and verbal communication skills; capable of communicating effectively across all levels of the organization
  • Attention to detail and strong organizational skills, including the ability to manage several projects at one time
  • Highly resourceful and proven ability to work both independently and as a team member
  • Ability to probe sensitive issues while maintaining high level of integrity and objectivity
  • Demonstrated ability to effectively leverage AI tools in day-to-day work, with strong critical thinking to assess accuracy, limitations and appropriate use of AI generated outputs
  • Enthusiastic about working in office and creating a Gold Standard hybrid work culture

Critical Competencies for Success

Our Gold Standards define key behaviors and competencies across 4 dimensions: Leadership, Achieving Results, Personal Effectiveness and Thinking Critically. These behaviors and competencies drive our ability to win together.

  • Leadership: Role models in this area consistently focus on the right goals and priorities and continually develop themselves and others. Always team players, they influence and engage with others to contribute to a supportive and inclusive culture where all feel welcome.

  • Achieving Results: Role models in this area are high achievers who develop careful plans and deliver consistently and effectively. They hold themselves and others accountable for delivering high quality results, and they remove barriers to ensure others can contribute and grow.

  • Personal Effectiveness: Role models in this area build strong relationships, treat others with respect and communicate effectively. They are driven to exceed expectations and are adaptable to changing circumstances.

  • Thinking Critically: Role models in this area understand our business, rely on analytical reasoning and seek diverse perspectives to solve problems. They are forward thinking, anticipating issues and addressing them in advance.

The department-specific competencies define the knowledge, skills and abilities that are needed to successfully perform the functional or technical work of this role.

  • Change Management: Communicates the benefits and the impact of refinements to internal processes or technology.

  • Innovative Mindset: Leverages an agile and creative mindset to drive innovative value creation, continuous process improvement and proactive learning through new technology, processes and people.

  • Risk Management: Identifies, forecasts and articulates ways to pursue and manage informed risks in ambiguous, complex or uncertain situations based on sound value propositions and an analysis of potential rewards and costs.

  • Technical Communication and Documentation: Documents and communicates technical processes and procedures in area of specialty to stakeholders. Adapts the level of detail and specificity based on the needs of the intended audience.

  • Industry Knowledge: Demonstrates an understanding of risk management and the Firm's position in the industry, including its complex structure and competitive advantage in the marketplace. Monitors industry trends and changes and recognizes their relevancy and implications.

  • Business Needs Assessment: Identifies business needs across departments within the Firm to understand the challenges, goals and problems that the business needs to solve and identifies appropriate technical solutions.

  • Project / Program Management: Manages projects and / or programs through planning, identifying resources, monitoring and communicating project activities and assessing impacts of project decisions.

Compensation and Benefits

For Illinois Only: It is expected that the base salary range for this position will be $115,000 to $180,000. Actual salaries may vary based on factors such as skills, experiences and qualifications for the role. The total compensation package for this position may also include other elements and discretionary awards in addition to a full range of medical, financial and / or other benefits (including 401(k) eligibility and various paid time off benefits such as vacation, sick time and parental leave) dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, the employee will be in an 'at-will position' and the Firm reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time including for reasons related to individual performance, Firm or individual department / team performance and market factors.

Golub Capital is an Equal Opportunity Employer.

Due to the highly regulated nature of Golub Capital's business and because of the sensitivity of the information that all personnel have access to, Golub Capital performs extensive and thorough pre-hire screens to ensure that its personnel act with expected levels of integrity, professionalism and personal responsibility.

Please review Golub Capital's US Job Applicant privacy notice and, for California residents, the California Applicant privacy notice for information on how your personal data is collected, processed and stored.