Maintain vendor risk inventory and supporting documentation * Assist in preparing reports for management and regulatory exams * Escalates overdue remediation items and unresolved control gaps.
Maintain vendor risk inventory and supporting documentation * Assist in preparing reports for management and regulatory exams * Escalates overdue remediation items and unresolved control gaps.
Maintain vendor risk inventory and supporting documentation * Assist in preparing reports for management and regulatory exams * Escalates overdue remediation items and unresolved control gaps.
Maintain vendor risk inventory and supporting documentation * Assist in preparing reports for management and regulatory exams * Escalates overdue remediation items and unresolved control gaps.
Senior Cybersecurity Risk Analyst - USA Remote
Phoenix, AZ · Remote
$130K - $160K/yr
Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake, inherent-risk tiering, security and privacy questionnaire administration, evidence collection and review ...
Senior Cybersecurity Risk Analyst - USA Remote
Phoenix, AZ · Remote
$130K - $160K/yr
Execute the third-party risk management (TPRM) lifecycle end-to-end, including vendor intake, inherent-risk tiering, security and privacy questionnaire administration, evidence collection and review ...
This role performs vendor risk assessments, evaluates control effectiveness, reviews supporting ... The position reports to the Senior Manager, GRC and partners closely with Technology, Internal ...
This role performs vendor risk assessments, evaluates control effectiveness, reviews supporting ... The position reports to the Senior Manager, GRC and partners closely with Technology, Internal ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Senior Consultant, Ongoing Monitoring, Alerts & Triggers - Third Party Risk Management
Tempe, AZ · On-site
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Senior Consultant, Ongoing Monitoring, Alerts & Triggers - Third Party Risk Management
Tempe, AZ · On-site
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Senior Consultant, Ongoing Monitoring, Alerts & Triggers - Third Party Risk Management
Tempe, AZ · On-site
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Senior Consultant, Ongoing Monitoring, Alerts & Triggers - Third Party Risk Management
Tempe, AZ · On-site
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Primarily, you will work closely with the TPMO team manager to assist in strategy and design ... Engage with risk domain SME's, vendors and vendor relationship managers * Serve as the point of ...
Own the third-party risk framework and partner across Procurement, Finance, Legal, Cyber, Risk, and Technology to strengthen vendor governance, manage risk, and inform long-term investment decisions.
Own the third-party risk framework and partner across Procurement, Finance, Legal, Cyber, Risk, and Technology to strengthen vendor governance, manage risk, and inform long-term investment decisions.
First Line Risk & Control RCSA Manager Location: CityScape What you'll do: This role is a first ... vendors, issues, regulatory or legal matters, etc. * Conduct / oversee meetings with clear ...
First Line Risk & Control RCSA Manager Location: CityScape What you'll do: This role is a first ... vendors, issues, regulatory or legal matters, etc. * Conduct / oversee meetings with clear ...
First Line Risk & Control RCSA Manager Location: CityScape What you'll do: This role is a first ... vendors, issues, regulatory or legal matters, etc. * Conduct / oversee meetings with clear ...
First Line Risk & Control RCSA Manager Location: CityScape What you'll do: This role is a first ... vendors, issues, regulatory or legal matters, etc. * Conduct / oversee meetings with clear ...
We are seeking a data-driven Risk Manager who can break down and solve complex problems. This ... partners, vendors, and Amazon from fraud, counterfeit, and abuse. The Special Projects and ...
We are seeking a data-driven Risk Manager who can break down and solve complex problems. This ... partners, vendors, and Amazon from fraud, counterfeit, and abuse. The Special Projects and ...
IT Vendor Financials & Contract Manager
Tempe, AZ · On-site +1
Third-Party Risk Management (TPRM) * Service Level Management (SLM) * Contract Management Pro ... Experience managing vendor SLA compliance and SLO frameworks * Experience establishing or ...
IT Vendor Financials & Contract Manager
Tempe, AZ · On-site +1
Third-Party Risk Management (TPRM) * Service Level Management (SLM) * Contract Management Pro ... Experience managing vendor SLA compliance and SLO frameworks * Experience establishing or ...
GRC Analyst
Phoenix, AZ · On-site
Strong experience in SaaS assessments, vendor risk management, or cloud security. * Good understanding of shared responsibility models across cloud providers. * Knowledge of regulatory and control ...
Quick apply
GRC Analyst
Phoenix, AZ · On-site
Strong experience in SaaS assessments, vendor risk management, or cloud security. * Good understanding of shared responsibility models across cloud providers. * Knowledge of regulatory and control ...
Vendor Risk Manager information
See Phoenix, AZ salary details
$51.1K - $61.8K
4% of jobs
$61.8K - $72.5K
6% of jobs
$72.5K - $83.2K
11% of jobs
$87.2K is the 25th percentile. Wages below this are outliers.
$83.2K - $93.9K
11% of jobs
The median wage is $102.4K / yr.
$93.9K - $104.6K
23% of jobs
$104.6K - $115.3K
13% of jobs
$122.4K is the 75th percentile. Wages above this are outliers.
$115.3K - $126K
12% of jobs
$126K - $136.7K
8% of jobs
$136.7K - $147.4K
6% of jobs
$147.4K - $158.1K
4% of jobs
$158.1K - $168.8K
2% of jobs
$51.1K
$110.8K
$168.8K
How much do vendor risk manager jobs pay per year?
What is the difference between Vendor Risk Manager vs Vendor Compliance Analyst?
| Aspect | Vendor Risk Manager | Vendor Compliance Analyst |
|---|---|---|
| Certifications | Certified Third Party Risk Professional (CTPRP), Certified Information Systems Auditor (CISA) | Certified Compliance & Ethics Professional (CCEP), Certified Regulatory Compliance Manager (CRCM) |
| Work Environment | Risk management teams, procurement, legal departments | Compliance departments, audit teams, legal units |
| Industry Usage | Finance, healthcare, technology, retail | Finance, healthcare, manufacturing, technology |
| Primary Focus | Identifying, assessing, and mitigating vendor risks | Ensuring vendor adherence to compliance standards and policies |
The Vendor Risk Manager focuses on evaluating and mitigating risks associated with vendors, while the Vendor Compliance Analyst concentrates on ensuring vendors meet regulatory and internal compliance standards. Both roles are essential in managing vendor relationships but differ in their core responsibilities and focus areas.
How does a Vendor Risk Manager typically collaborate with other departments within an organization?
What are the key skills and qualifications needed to thrive as a Vendor Risk Manager, and why are they important?
What are Vendor Risk Managers?
Other
Medical, Dental, Vision, Retirement, PTO
Posted 8 days ago
OneAZ Credit Union rating
8.1
Based on 5 frontline employees who took The Breakroom Quiz
Job description
Join Us in Making an Impact
At OneAZ Credit Union, our success is measured only by yours. We're here to create lasting change in the lives of our members, our communities, and our team. If you're looking for a career with purpose, where your work truly matters-you've found it!
Who You Are
You're impactful, compassionate, and fearless, ready to embrace new challenges and shape the future of financial well-being. You take accountability for our success and thrive in an environment where curiosity is celebrated. If this sounds like you, let's build something great together.
What You'll Do
This position will be located at our Corporate Office: 2355 W Pinnacle Peak Rd, Phoenix, AZ 85027
- Perform risk-based due diligence and ongoing monitoring of third-party vendors
- Review and analyze Security questionnaires
- Review and analyze SOC 1 / SOC 2 reports
- Review and analyze Business continuity and disaster recovery documentation
- Document vendor risk assessments and identify control gaps
- Drive remediation efforts and follow up with business owners and vendors
- Maintain vendor risk inventory and supporting documentation
- Assist in preparing reports for management and regulatory exams
- Escalates overdue remediation items and unresolved control gaps.
- Support coordination of incident response activities (cybersecurity, and security/operational incidents)
- Track incidents from identification through resolution
- Manage incident documentation, evidence tracking, and record maintenance
- Assist in post-incident reviews, including root cause analysis and lessons learned
- Support development and maintenance of incident response procedures and playbooks
- Participate in incident response testing and tabletop exercises
- Compile and maintain reporting on Vendor risk assessments and outstanding issues
- Compile and maintain reporting on Incident trends and metrics
- Coordinate with IT and compliance teams to ensure timely execution of security operational requirements.
- Ensure documentation is complete, organized, and audit-ready
- Identify and deliver security training programs to employees, promoting best practices and enhancing the organization's security posture.
- Review penetration testing and security. Perform ongoing analysis of security systems logs and intrusion detection tools/procedures.
- Monitor changes in the security industry including new vulnerabilities, viruses, intrusions, fraud schemes, and best practices and tools available for system/network protection. Recommend appropriate technical changes to maintain designated security protection levels
What You Bring
- High School Diploma or GED Required
- Bachelors Degree in Business, Information Security, Risk Management, or related field (or equivalent experience)
- 3-5 years similar or related experience in one or more areas: Vendor/Third-Party Risk Management, Information Security or IT Risk, Incident Management or Incident Response
- Understanding of vendor risk management and due diligence practices
- Familiarity with SOC reports and basic control frameworks
- Working knowledge of incident response lifecycle and documentation
- Strong attention to detail and documentation discipline
- Ability to manage multiple priorities and meet deadlines
- Effective written and verbal communication skills
- Demonstrated ability to independently manage operational security tasks and drive follow-through across stakeholders.
- Strong written and verbal communication with consistent escalation and status reporting discipline.
Compensation & Benefits
- Generous paid time off: paid holidays, floating holidays, personal days, vacation days, plus sick time, Low-cost Medical, Dental & Vision plans
- Paid childcare assistance
- Award-winning 401K
- Gym fee reimbursement
- Tuition Reimbursement
- Student loan repayment
- ...and much more. Explore all the details in our comprehensive Benefits Booklet
- Target hiring range $84,149.19 - $105,186.49 (Depending on experience and prior to any incentives this position is eligible for)
Why Join OneAZ?
At OneAZ, we're not just a credit union; we're a financial trailblazer that passionately cares about inspiring dreams and driving prosperity in the communities we serve. We exist to clear the way for dreamers and doers, aspiring to be the bank for new pioneers.
We are driving change in our communities, constantly improving our products and services so our members and their families can relentlessly pursue their dreams. By embodying our values and living our promise, you'll be part of a team committed to exceeding expectations and redefining what's possible.
Additional Notes:
Knowingly submitting false information will result in disqualification for consideration of future positions, termination of employment and forfeiture of other rights. Candidates for this position will be required to sign an authorization for OneAZ to conduct a credit and criminal background check, pursuant to procedures in the Fair Credit Reporting Act and any other applicable laws. All candidates will be considered for this position on an individualized basis, in compliance with all applicable equal employment opportunity laws. Any individual who meets the definition of a mortgage loan originator (MLO) and is employed by a federal agency-regulated institution will need to be registered on the Nationwide Mortgage Licensing System (NMLS). Ensures compliance with applicable policies, laws, and regulations, including the Bank Secrecy Act (BSA), Anti-Money Laundering (AML) compliance, USA Patriot Act, and Office of Foreign Assets Control (OFAC). This job description should not be considered all-inclusive. It is merely a guide of expected duties. The associate understands that the job description is neither complete, nor permanent and may be modified at any time. At the request of their supervisor, an associate may be asked to perform additional duties or take on additional responsibilities without notice. Complies with all policies and standards. Position grades could fluctuate based on market value.
What OneAZ Credit Union employees say
Pay
Hours and flexibility
Workplace
Get the full story on Breakroom
About OneAZ Credit Union
Sourced by ZipRecruiter
Industry
Commercial banking
Company size
201 - 500 Employees
Headquarters location
Phoenix, AZ, US
Year founded
1951