Senior Manager, Third-Party Risk Management (TPRM)

Vantor is forging the new frontier of spatial intelligence, helping decision makers and operators navigate what’s happening now and shape what’s coming next.  Vantor is a place for problem solvers, changemakers, and go-getters—where people are working together to help our customers see the world differently, and in doing so, be seen differently. Come be part of a mission, not just a job, where you can: Shape your own future, build the next big thing, and change the world.

To be eligible for this position, you must be a U.S. Person, defined as a U.S. citizen, permanent resident, Asylee, or Refugee.

Export Control/ITAR: Certain roles may be subject to U.S. export control laws, requiring U.S. person status as defined by 8 U.S.C. 1324b(a)(3).

Please review the job details below.

Vantor is seeking a Senior Manager of Third-Party Risk Management (TPRM) to lead and evolve our enterprise program for managing risks across vendors and partners. This role is responsible for establishing governance, overseeing risk assessments, and driving cross-functional coordination to ensure third-party risks are proactively identified, evaluated, and mitigated. You will serve as a key leader in providing visibility into provider risk exposure across operational, cybersecurity, compliance, and supply chain domains—enabling informed, risk-based decision-making. 

________________________________________ 

Key Responsibilities 

 

Program Leadership & Governance 

• Lead and mature Vantor’s Third-Party Risk Management program and governance framework 

• Develop and maintain policies, standards, and procedures for managing provider risk 

• Provide senior leadership with insights into risk exposure, trends, and mitigation strategies 

Risk Assessment & Oversight 

• Oversee third-party risk tiering, due diligence, and ongoing monitoring processes 

• Evaluate provider risk across: 

• Security & Cybersecurity 

• Compliance 

• Operational performance 

• Financial stability 

• Ensure appropriate remediation, mitigation, and risk acceptance workflows are followed 

Provider Lifecycle Management 

• Maintain oversight of the enterprise provider inventory and risk classification 

• Ensure timely execution of initial assessments and periodic reassessments 

• Track risk findings, mitigation actions, and overall provider risk posture 

Cross-Functional Collaboration 

• Partner closely with: 

• Procurement 

• Legal 

• Security & Cybersecurity 

• Compliance 

• Business stakeholders 

• Integrate risk management practices into the end-to-end provider lifecycle 

• Support inclusion of risk and security requirements in third-party agreements 

• Coordinate cross-functional remediation efforts 

Compliance & Assurance 

• Ensure alignment with organizational policies, contractual obligations, and regulatory requirements 

• Support internal and external audits related to third-party and supply chain risk 

• Maintain documentation supporting governance, risk decisions, and compliance activities 

Program Evolution & Continuous Improvement 

• Enhance the maturity and effectiveness of the TPRM program 

• Identify opportunities to improve processes, tools, and reporting capabilities 

• Monitor emerging risks, regulatory changes, and industry best practices 

________________________________________ 

Qualifications 

Required: 

• Bachelor’s degree in Information Security, Risk Management, Business, or related field (or equivalent experience) 

• 7+ years of experience in risk management, cybersecurity, compliance, internal audit, or third-party risk management 

• Experience leading or supporting third-party risk or governance programs 

• Familiarity with industry-standard security and compliance frameworks 

• Strong analytical, program management, and process improvement skills 

• Excellent communication and executive presentation capabilities 

Preferred 

• Experience in regulated industries (e.g., government contracting, technology, defense) 

• Knowledge of supplier assurance and contract security practices 

• Experience supporting audits and compliance assessments 

• Relevant professional certifications 

What We’re Looking For 

• A strategic risk leader who can balance governance with business enablement 

• A collaborator who thrives in cross-functional environments 

• A builder focused on strengthening program maturity and operational excellence 

• A clear communicator who can translate complex risk into actionable insights 

Pay Transparency: In support of pay transparency at Vantor, we disclose salary ranges on all U.S. job postings.  The successful candidate’s starting pay will fall within the salary range provided below and is determined based on job-related factors, including, but not limited to, the experience, qualifications, knowledge, skills, geographic work location, and market conditions. Candidates with the minimum necessary experience, qualifications, knowledge, and skillsets for the position should not expect to receive the upper end of the pay range.

● The base pay for this position within Colorado is: $134,000.00 - $223,000.00 annually. 

For all other states, we use geographic cost of labor as an input to develop market-driven ranges for our roles, and as such, each location where we hire may have a different range.

Benefits: Vantor offers a competitive total rewards package that goes beyond the standard, including a robust 401(k) with company match, mental health resources, and unique perks like student loan repayment assistance, adoption reimbursement and pet insurance to support all aspects of your life. You can find more information on our benefits at: https://www.Vantor.com/careers

Additionally, this position is incentive eligible with a target based on contribution, company performance, and/or individual results achieved; the specific incentive plan and target amount will be determined based on the role and breadth of contributions.

The application window is three days from the date the job is posted and will remain posted until a qualified candidate has been identified for hire.  If the job is reposted regardless of reason, it will remain posted three days from the date the job is reposted and will remain reposted until a qualified candidate has been identified for hire. 

The date of posting can be found on Vantor's Career page at the top of each job posting.

To apply, submit your application via Vantor's Career page.

EEO Policy: Vantor is an equal opportunity employer committed to an inclusive workplace. We believe in fostering an environment where all team members feel respected, valued, and encouraged to share their ideas. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, gender identity, sexual orientation, disability, protected veteran status, age, or any other characteristic protected by law.