×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security

Senior Consultant - Third Party Risks

Job in New York, New York County, New York, 10261, USA
Listing for: Control Risks
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below
Location: New York

We are seeking a highly skilled and motivated Third‑Party Manager to support our client in developing and maturing their third‑party risk management (TPRM) framework. In this role, you will support the creation of a full vendor inventory, design due‑diligence questionnaires, and perform comprehensive due‑diligence assessments across the vendor lifecycle. You will play a central role in ensuring that third‑party risks are identified, assessed, and managed effectively while collaborating closely with internal and external stakeholders.

  • Develop, maintain, and continuously update a complete inventory of all vendors, suppliers, and third‑party service providers.
  • Classify vendors based on criticality, service type, data access, and inherent risk.
  • Design risk‑based due‑diligence questionnaires tailored to different vendor categories (e.g., cyber, financial, operational, regulatory).
  • Conduct initial and ongoing due‑diligence assessments, including analysis of financial stability, cybersecurity controls, data protection practices, business continuity, and compliance posture.
  • Review and interpret SOC reports, ISO certifications, penetration testing results, and other external assurance documentation.
  • Identify control gaps and document findings in clear, risk‑based reports supported by actionable recommendations.
  • Support stakeholders during vendor onboarding and renewal processes by validating risk, compliance, and performance.
  • Maintain and update risk assessment documentation throughout the vendor lifecycle.
  • Monitor key vendor SLAs, KPIs, and contractual obligations.
  • Conduct periodic vendor performance reviews and elevate identified issues.
  • Support remediation planning and provide oversight of vendor corrective actions.
  • Serve as a primary point of contact for both internal stakeholders and third‑party partners.
  • Develop standardized templates, workflows, and procedures for third‑party oversight.
  • Build dashboards and reporting packs for senior management and risk committees.
  • Ensure all due‑diligence records, approvals, and risk treatment plans are maintained in accordance with governance requirements.
  • Support the development of policies and playbooks related to third‑party risk management.
  • Bachelor’s degree in Risk Management, Business, Cybersecurity, Supply Chain, or related field.
  • 5+ years of experience in third‑party risk management, vendor management, procurement, or risk/compliance.
  • Demonstrable experience developing due‑diligence questionnaires and performing vendor risk assessments.
  • Strong understanding of frameworks such as ISO 27001, NIST, SOC 2, and data‑protection requirements.
  • Ability to analyze complex documentation (e.g., contracts, SOC reports, financial statements) and translate findings into clear recommendations.
  • Strong stakeholder‑management skills and experience supporting clients across diverse industries.
  • Excellent written communication skills and the ability to prepare high‑quality reports.
Desired Skills
  • Certifications such as CISM, CRISC, CISA, ISO 27001 Lead Auditor, or relevant vendor‑risk qualifications.
  • Experience with TPRM/VRM systems (e.g., Archer, Service Now VRM, One Trust, Prevalent).
  • Understanding of cybersecurity domains relevant to third‑party risk, including access control, data protection, and incident response.
  • Experience working in global or regulated environments with complex supply‑chain or vendor ecosystems.
  • Ability to manage multiple simultaneous assessments and deadlines.
  • Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer.
  • We operate a discretionary bonus scheme that incentivizes, and rewards individuals based on company and individual performance.
  • Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program.

The base salary range for this position is $per year. Exact compensation offered may vary depending on job‑related knowledge, skills, and experience.

Control Risks is committed to a diverse environment and is proud to be an…

Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search