
Job Summary:
We are seeking a seasoned Third Party Risk Management (TPRM) Architect with over 10 years of experience in risk, compliance, and security domains. The ideal candidate will have a deep understanding of TPRM frameworks, vendor risk governance, and hands-on experience in implementing platforms such as ServiceNow VRM, Archer, or other GRC solutions. This role is critical in shaping and delivering scalable, enterprise-level TPRM architectures that align with business and regulatory requirements.
Key Responsibilities:
• Lead the architectural design and implementation of TPRM programs and platforms.
• Define and manage TPRM frameworks, policies, and processes across the vendor lifecycle.
• Implement and customize TPRM solutions on platforms like ServiceNow VRM, RSA Archer, ProcessUnity, etc.
• Integrate TPRM platforms with internal systems (e.g., CMDB, ITSM, IAM, procurement).
• Design workflows for vendor onboarding, due diligence, risk scoring, remediation, and offboarding.
• Ensure alignment with global compliance standards (e.g., ISO 27001, SOC 2, NIST, GDPR).
• Develop automated assessments, evidence collection, and reporting capabilities.
• Collaborate with cross-functional teams including InfoSec, Legal, Procurement, and Business Units.
• Perform risk assessments and advise on remediation strategies and governance improvements.
• Provide guidance to TPRM analysts, developers, and program managers.
Required Skills:
• 10+ years of total experience in Risk Management, Information Security, and/or GRC.
• Minimum 4+ years in architecting or leading TPRM solutions.
• Deep understanding of third-party/vendor risk management best practices and regulatory expectations.
• Hands-on experience with tools like ServiceNow VRM, RSA Archer, OneTrust, BitSight, Prevalent, or similar.
• Strong skills in workflow design, automation, and data modeling.
• Familiarity with integration methods (REST/SOAP APIs, SFTP, connectors).
• In-depth knowledge of frameworks: ISO 27001, NIST, SOC 2, GDPR, HIPAA.
Preferred Certifications:
• ServiceNow Certified Implementation Specialist – VRM (if applicable)
• CISSP, CISA, CRISC, CTPRP (Certified Third Party Risk Professional), or equivalent
• ITIL v4 Foundation
Soft Skills:
• Excellent communication, stakeholder management, and presentation skills.
• Strategic thinking with strong attention to risk and regulatory detail.
• Ability to lead and work in global, remote, cross-functional teams.
• Proven problem-solving and decision-making capabilities.