CrowdStrike Logo

CrowdStrike

Manager, Third Party Risk Management (Remote)

Posted An Hour Ago
Be an Early Applicant
Remote or Hybrid
Hiring Remotely in USA
125K-180K Annually
Expert/Leader
Remote or Hybrid
Hiring Remotely in USA
125K-180K Annually
Expert/Leader
Manage a team of TPRM analysts to run the vendor risk lifecycle, improve tooling and automation (ServiceNow TPRM, AI), perform assessments and audits, develop TPRM policies aligned to frameworks (NIST/ISO/SOC 2), partner with procurement/legal/IT, track KPIs, and support audit and reporting to leadership.
The summary above was generated by AI

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike is seeking an experienced Manager, Third Party Risk Management (TPRM) to lead a high-performing team responsible for assessing and managing risks associated with our third-party vendor ecosystem. This role sits within the GRC organization and is critical to protecting CrowdStrike's customers, data, and operations through rigorous, scalable, and forward-thinking vendor risk practices.

As a people leader, you will manage a team of four TPRM analysts while driving strategic improvements to our program, tooling, and processes — including automation initiatives, AI integration, and efficiencies identified through continuous improvement efforts. You will also lead the organizational efforts in defining, establishing, managing and enforcing cybersecurity policies, standards and procedures. 

 

The ideal candidate will have an expert-level understanding of current processes and proactively search for ways to improve CrowdStrike’s risk posture and GRC program in ways that support a fast-paced, secure, and empowered environment in the tech industry.

   

This role requires a strategic thinker with a deep understanding of cybersecurity principles, third party risk management and the ability to communicate effectively across all levels of the organization.

What You’ll Do:

  • Lead, mentor, and develop a team of 4 TPRM professionals, fostering a culture of accountability, continuous learning, and operational excellence

  • Set clear performance expectations, conduct regular 1:1s, and support career development for each team member

  • Serve as an escalation point for complex vendor risk issues and assessments.

  • Oversee end-to-end third-party risk assessments including inherent risk tiering, due diligence, control evaluations, and residual risk determinationsManage the full vendor risk lifecycle including onboarding, periodic reassessment, and offboarding, ensuring consistent application of TPRM standards.

  • Partner with Procurement, Legal, IT, Security, and Business stakeholders to embed risk considerations into the vendor engagement process.

  • Evaluate vendor security posture, compliance certifications (SOC 2, ISO 27001, etc.), and contractual obligations.

  • Creating and enhancing a cybersecurity vendor risk management program, including the identification, evaluation and mitigation of risks across the organization.

  • Conducting third party controls evaluations and audits.

  • Performing other duties within the scope of governance, risk and compliance

  • Working across organizations to help align organizations with shared third party compliance goals and objectives.

  • Coordinating with IT and business units to implement effective cybersecurity measures and integrate security practices into business processesCollaborate with cross-functional teams, including procurement, legal, and IT, to ensure comprehensive vendor risk management.

  • Lead the implementation of process improvements and efficiencies identified through a recent kaizen event, driving measurable outcomes.

  • Develop and expand automation capabilities within ServiceNow TPRM to reduce manual effort and increase assessment throughput.

  • Identify and implement AI-driven capabilities to enhance risk scoring, vendor monitoring, and workflow efficiency.

  • Define and track KPIs and metrics to demonstrate program maturity and effectiveness to senior leadership.

  • Serve as a functional owner and subject matter expert for ServiceNow as the TPRM platform of record.

  • Partner with GRC tooling and IT teams to configure, optimize, and expand ServiceNow workflows supporting TPRM operations.

  • Evaluate emerging technologies and vendor risk intelligence platforms to enhance the program.

  • Develop and maintain TPRM policies, standards, and procedures in alignment with industry frameworks (NIST, ISO 27001, SOC 2, FAIR, etc.).

  • Prepare and present risk reporting and program status updates to senior leadership and key stakeholders.

  • Support internal and external audit activities related to third-party risk.

What You’ll Need:

  • 10+ years of experience in Third Party Risk Management, GRC, information security risk, or related controls disciplines.

  • 3+ years of people management experience, with demonstrated ability to lead and develop teams.

  • Deep expertise in vendor risk assessment methodologies, control frameworks, and risk lifecycle management.

  • Hands-on experience with ServiceNow Third Party Risk Management (TPRM) module.

  • Demonstrated experience driving process improvement, automation, or operational efficiency initiatives within a risk or compliance program.

  • Strong understanding of security and compliance frameworks including NIST CSF, ISO 27001, SOC 2, NIST 800-53, and/or SIG.

  • Experience with or strong interest in applying AI/ML tools to GRC or risk management workflows.

  • Excellent communication and stakeholder management skills — able to translate technical risk concepts for business audiences.

  • Ability to operate effectively in a fast-paced, high-growth environment.

  • Proven experience working across teams and global regions to achieve company objectives and review goals.

  • Ability to build rapport and maintain relationships across a multitude of functions within the company, with external vendors, and with governmental teams.

  • Program and project management experience in scoping, work break-down, critical path analysis, resourcing, managing time and cost estimates, project risks, and quality.

  • Ability to think strategically about risks and tie those risks to tactical organizational activities.

Bonus Points:

  • Experience with a cloud environment and the CrowdStrike products or services

  • Practical experience in Software Development and Secure Coding best practices.

  • Practical experience in performing integration risk assessments and threat modeling third party software components.

  • Experience in working with leading GRC products.

#LI-Remote
#LI-CS1

 

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs 

  • Competitive vacation and holidays for recharge  

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $125,000 - $180,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please click here

Expected Close Date of Job Posting is:09-01-2026

Similar Jobs at CrowdStrike

9 Hours Ago
Remote or Hybrid
USA
100K-155K Annually
Senior level
100K-155K Annually
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
The role involves analyzing DPRK cyber operations, producing intelligence reports, engaging in team discussions, and monitoring adversary financial activities. Responsibilities include independent research, technical analysis, and collaboration to fill intelligence gaps.
Top Skills: CensysChainalysisDomaintoolsNetflowTrm LabsVirustotal
9 Hours Ago
Remote or Hybrid
110K-160K Annually
Senior level
110K-160K Annually
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Manage the deployment of platform services for cybersecurity, ensuring projects are delivered on time and within budget while collaborating with clients and internal teams.
Top Skills: AgileCloud-Based Siem SolutionsExabeamIbm QradarLogrhythmSiem SolutionsSplunkWaterfall
9 Hours Ago
Remote or Hybrid
USA
195K-290K Annually
Senior level
195K-290K Annually
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Lead and conduct mechanistic interpretability and alignment research for security-specialized AI. Develop methods to read model internals, detect misuse signals, design training interventions and evaluation frameworks, publish original research, and recruit and mentor a lean research team.
Top Skills: Activation PatchingAdversarial EvaluationAlignment EvaluationsCausal TracingCircuit AnalysisFeature VisualizationLarge Language ModelsMechanistic InterpretabilityProbing ClassifiersRed Teaming

What you need to know about the Charlotte Tech Scene

Ranked among the hottest tech cities in 2024 by CompTIA, Charlotte is quickly cementing its place as a major U.S. tech hub. Home to more than 90,000 tech workers, the city’s ecosystem is primed for continued growth, fueled by billions in annual funding from heavyweights like Microsoft and RevTech Labs, which has created thousands of fintech jobs and made the city a go-to for tech pros looking for their next big opportunity.

Key Facts About Charlotte Tech

  • Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
  • Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
  • Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
  • Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account