Sr. Manager - Cyber Risk Management (Onsite - Raleigh, NC)

Raleigh, NC, US • Posted 15 hours ago • Updated 15 hours ago

Contract Independent

Contract W2

On-site

Depends on Experience

OMG Technologies

Fitment

Dice Job Match Score™

⭐ Evaluating experience...

Job Details

Skills

Cyber Security
Data Security
ISACA
CISM
CISSP
Auditing
Internal Auditing
Management
Procurement
Regulatory Compliance
Risk Assessment
Risk Management
SAP GRC
Stakeholder Management
Workflow
Communication
Reporting
TPCRM
TPRM / GRC platforms (e.g.
OneTrust)

Summary

Sr. Manager - Cyber Risk Management (Onsite - Raleigh, NC)

Position Summary:

Looking for a candidate who can enhance existing vendor questionnaires to reduce risk and add value. The Third-Party Cyber Risk Manager is responsible for designing, executing, and operating the organization s Third-Party Cyber Risk Management (TPCRM) program. This role identifies, assesses, and manages cyber risks introduced by vendors, suppliers, and service providers, ensuring third parties meet the company s security, compliance, and risk standards throughout the vendor lifecycle.

Responsibilities:

Program Ownership & Execution

Own and operate the TPCRM lifecycle, including vendor intake, inherent risk assessment, due diligence, risk treatment, and ongoing monitoring.
Establish and maintain a risk-based vendor tiering model aligned with company standards and risk appetite.
Ensure the TPCRM program is defensible, repeatable, and audit ready.

Vendor Cyber Risk Assessment

Conduct security due diligence of third parties, including questionnaires, SOC reports,
policies, certifications, and control validation.
Identify control gaps, assess residual risk, and drive remediation or risk acceptance.
Provide clear cyber risk insights to support vendor decisions.

Governance, Reporting & Stakeholder Management

Partner with Procurement, Legal, Compliance, Internal Audit, and business teams.
Ensure appropriate security and data protection clauses in contracts.
Track and report vendor risk posture and key risk indicators (KRIs).

Tooling & Process Enablement

Utilize GRC tools such as OneTrust for workflow, evidence management, and reporting.
Maintain documentation for audit and regulatory requirements.

Required Skills/Qualifications:

5+ years of experience at a senior manager level in third-party risk management.
6+ years of strong experience in cybersecurity, GRC, etc.
Strong experience in evaluating vendors, reviewing SOC reports, and assessing third-party risk is required.
Experience with TPRM / GRC platforms (e.g., OneTrust).
Experience supporting audits and regulatory reviews.
Experience working with Procurement, Legal, and enterprise stakeholders.
Understanding of vendor risk concepts such as inherent vs. residual risk.
Ability to translate technical findings into business decisions.
Certifications such as OSACA, CRISC, CISM, CISSP or similar are preferred.
Bachelor s degree in a relevant field or equivalent experience.
Strong communication and stakeholder management skills.

Other Job Details:

Job Type: C2C or W2.
Duration: 6 months with high possibility of extension.
Locations: Hybrid - Raleigh, NC. Must be within commuting distance to Raleigh, NC.
Work Schedule: 8:00 AM 5:00 PM EST.
Pay Rate: Open to Market Rate (W2 and C2C).
Interviews: 2 rounds via MS Teams (scheduled through Beeline).
Docs required: ID proof will be required.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 91093052
Position Id: SMCRM_IB_MAR26
Posted 15 hours ago

Company Info

About OMG Technologies

From our humble beginnings as a small IT service provider in 2006, OMG Technologies has grown to become a reliable provider of management and IT consulting services, while still maintaining agility of a small company. With multiple clients in various industries, OMG Technologies continues to grow at a good, steady and consistent pace based on our client focused approach.

Whatever it Takes to deliver value is our CORE approach

Go to company profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Raleigh, North Carolina

•

Today

Director - Cybersecurity Compliance (Onsite - Raleigh, NC) Function: Information Security Governance, Risk & Compliance (GRC) Reports To: Chief Information Security Officer (CISO). Position Summary: This is a strategic leadership role requiring someone who can build and drive a cybersecurity compliance program. The candidate should be able to define strategy, execution steps, metrics, and monitoring/reporting mechanisms. Strong understanding of how risk, compliance, and governance interrelate i

Easy Apply

Contract