1

Vendor Risk Manager Jobs in Minnesota (NOW HIRING)

Cyber Manager - ServiceNow

Minneapolis, MN · On-site

$115K - $156K/yr

... Risk Management workstreams in partnership with architects and product owners • Managing ... vendors across onshore and offshore models; aligning resources and mitigating delivery risks ...

... Risk Management workstreams in partnership with architects and product owners * Managing ... Orchestrating cross-functional teams and vendors across onshore and offshore models; aligning ...

... risk, and strengthen vendor partnerships. They collaborate closely with senior leaders and cross ... Manage sourcing projects using established processes and systems to ensure consistency, efficiency ...

Oversees vendor activities; escalates issues as applicable. * Logs and follows through to disposition Project-related risks, action items, issues, and decisions. * Performs risk management; escalates ...

... vendors, warehouses and carriers to optimize both time & cost of getting the packages delivered ... This role will partner with product managers, operations, and technical teams to provide the data ...

... vendors, warehouses and carriers to optimize both time & cost of getting the packages delivered ... This role will partner with product managers, operations, and technical teams to provide the data ...

next page

Showing results 1-20

Vendor Risk Manager information

See Minnesota salary details

$50.4K

$109.3K

$166.5K

How much do vendor risk manager jobs pay per year?

As of Jul 7, 2026, the average yearly pay for vendor risk manager in Minnesota is $109,259.00, according to ZipRecruiter salary data. Most workers in this role earn between $88,100.00 and $126,300.00 per year, depending on experience, location, and employer.

What is the difference between Vendor Risk Manager vs Vendor Compliance Analyst?

AspectVendor Risk ManagerVendor Compliance Analyst
CertificationsCertified Third Party Risk Professional (CTPRP), Certified Information Systems Auditor (CISA)Certified Compliance & Ethics Professional (CCEP), Certified Regulatory Compliance Manager (CRCM)
Work EnvironmentRisk management teams, procurement, legal departmentsCompliance departments, audit teams, legal units
Industry UsageFinance, healthcare, technology, retailFinance, healthcare, manufacturing, technology
Primary FocusIdentifying, assessing, and mitigating vendor risksEnsuring vendor adherence to compliance standards and policies

The Vendor Risk Manager focuses on evaluating and mitigating risks associated with vendors, while the Vendor Compliance Analyst concentrates on ensuring vendors meet regulatory and internal compliance standards. Both roles are essential in managing vendor relationships but differ in their core responsibilities and focus areas.

How does a Vendor Risk Manager typically collaborate with other departments within an organization?

A Vendor Risk Manager works closely with departments like procurement, legal, IT, and compliance to ensure that vendors meet the organization's security and regulatory standards. This collaboration often involves reviewing contracts, assessing potential risks, and implementing mitigation strategies. Regular communication with stakeholders is essential to keep everyone informed about vendor performance and risk status, making cross-functional teamwork a key aspect of the role. Effective collaboration helps streamline risk assessments and supports informed decision-making across the business.

What are the key skills and qualifications needed to thrive as a Vendor Risk Manager, and why are they important?

To thrive as a Vendor Risk Manager, you need expertise in risk assessment, third-party management, and compliance, often backed by a degree in business, finance, or a related field. Familiarity with risk management platforms, contract management tools, and certifications like Certified Third Party Risk Professional (CTPRP) are highly valuable. Strong analytical thinking, negotiation, and clear communication skills help you collaborate with vendors and internal stakeholders effectively. These skills ensure organizations can identify, mitigate, and manage risks arising from third-party relationships, safeguarding business continuity and compliance.

What are Vendor Risk Managers?

Vendor Risk Managers are professionals responsible for identifying, assessing, and mitigating risks associated with third-party vendors that provide goods or services to an organization. They evaluate vendors’ security, compliance, and operational practices to ensure they meet the company’s standards and regulatory requirements. These managers implement frameworks to monitor vendor performance, manage contracts, and respond to potential risks or incidents. Their role is crucial in protecting the organization from financial, reputational, and regulatory harm that can arise from third-party relationships.
What cities in Minnesota are hiring for Vendor Risk Manager jobs? Cities in Minnesota with the most Vendor Risk Manager job openings:
Infographic showing various Vendor Risk Manager job openings in Minnesota as of July 2026, with employment types broken down into 85% Full Time, 13% Part Time, 1% Temporary, and 1% Contract. Highlights an 86% Physical, 1% Hybrid, and 13% Remote job distribution, with an average salary of $109,259 per year, or $52.5 per hour.

Full-time

Medical, Dental, Vision, Retirement, PTO

This job post has expired today. Applications are no longer accepted.


Job description

Description:


Position Summary

The Cybersecurity Analyst is responsible for protecting the bank's information assets, systems, and data through proactive threat analysis, security operations, and compliance with applicable regulatory and industry frameworks. This role serves as a key contributor to Heritage Bank's information security program, with ownership of information security management alignment, AI security governance, and continuous monitoring. Working closely with the VP of Information Technology and in close partnership with the Network Security Engineer, this position ensures the confidentiality, integrity, and availability of bank systems while fostering a culture of security awareness across the organization.


Core Responsibilities

Security Operations & Threat Management

  • Monitor SIEM systems and alert on anomalies, threats, and policy violations
  • Define detection rules and policies for IDS/IPS; own EDR and email security controls
  • Own the vulnerability management program: coordinate assessments, assign risk ratings, and track remediation with the Network Security Engineer
  • Perform threat intelligence analysis and translate findings into defensive action
  • Lead security analysis and forensic response during incidents; coordinate network-level containment with the Network Security Engineer
  • Define patching strategy and standards; partner with the Network Security Engineer on execution


Information Security Management & Regulatory Compliance

  • Own alignment to information security management standards and best practices
  • Maintain the ISMS including risk register, statement of applicability, and control documentation
  • Coordinate internal audits and gap analyses against applicable cybersecurity frameworks and FFIEC guidance
  • Support regulatory examinations; prepare and present security posture documentation
  • Develop and maintain security policies, standards, and procedures
  • Govern access control policies and conduct privilege access reviews with the Network Security Engineer


AI Security & Emerging Technology Risk

  • Develop and maintain the bank's AI security framework, governing the secure adoption and use of AI/ML tools and platforms
  • Assess risks associated with generative AI, third-party AI integrations, and internal AI-assisted workflows
  • Define controls for AI model governance including data privacy, bias risk, adversarial inputs, and output integrity
  • Evaluate AI vendor security practices and ensure appropriate contractual and technical safeguards are in place
  • Monitor the evolving AI threat landscape and provide guidance on emerging risks to leadership
  • Partner with business units to establish acceptable use policies for AI tools in alignment with bank risk appetite


Security Awareness & Training

  • Design and deliver ongoing security awareness training for all bank staff, including phishing simulations
  • Serve as a subject matter expert for staff on cybersecurity best practices and emerging threats
  • Promote a security-first culture in alignment with Heritage Bank's values


Third-Party & Vendor Risk

  • Conduct cybersecurity due diligence on third-party vendors and technology providers
  • Review vendor security assessments (SOC 2, penetration tests, questionnaires) and escalate gaps
  • Provide cybersecurity risk assessments to inform vendor onboarding decisions; collaborate with procurement and the Network Security Engineer on ongoing third-party risk monitoring


Documentation & Reporting

  • Maintain accurate security documentation including risk registers, incident logs, and audit evidence
  • Produce regular cybersecurity metrics and reporting for IT leadership and senior management
  • Define security requirements for disaster recovery and business continuity plans; support testing and validation in partnership with the Network Security Engineer

Bank Standards

At Heritage Bank, we are committed to a customer-centric, service-driven culture. We operate under the following core standards:

  • Mission: Help people succeed financially.
  • Ethics: Always do the right thing.
  • Solutions: Bring innovative solutions to challenges.
  • Ownership: Take accountability and learn from our mistakes.
  • Positivity: Bring energy and enthusiasm to everything we do.


Compensation & Benefits

Get ready to be rewarded! Full-time team members enjoy a comprehensive benefits package including paid time off, paid holidays, and even paid volunteer days. Your health is covered with medical, dental, and vision insurance, plus plan for your future with our 401(k) and ESOP retirement plans. Enjoy additional benefits and incentives consistent with our company policy. Join us and discover how rewarding your career can be!


Disclaimer

This job description outlines the general nature of the role and is not intended to be all-inclusive. Duties, responsibilities, and benefits may change as business needs evolve. Employment is at will, meaning either the employee or the Company may end the employment relationship at any time, consistent with applicable law.


We are an Equal Opportunity Employer and value diversity at all levels of the organization.


Requirements:


Education & Experience

  • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity or related field (or equivalent experience)
  • 5+ years of experience in: network engineering, IT infrastructure or cybersecurity operations. Preferably in financial services or a regulated industry.

Technical Skills

  • Strong knowledge of routing and switching (Cisco, Aruba, or similar)
  • Experience with firewalls (e.g., Fortinet, Palo Alto, Cisco ASA)
  • Familiarity with VPNs, VLANs, QoS, and network segmentation
  • Understanding of cloud networking (Azure/AWS)
  • Knowledge of cybersecurity principles and frameworks

Key Competencies

  • Strong problem-solving and analytical skills
  • Ability to work independently and manage multiple priorities
  • Excellent communication skills for both technical and non-technical stakeholders
  • High attention to detail and commitment to security and compliance
  • Proactive mindset with a focus on continuous improvement

Work Environment & Expectations

  • On-call availability for critical incidents and maintenance windows
  • Occasional travel to branch locations
  • Ability to work in a fast-paced, highly regulated environment