Third Party Risk Management Consultant (100% Remote)
Our Client - Insurance company
- Remote
Job description
Our customer is a large United States insurance company that is backed by more than 100 years of experience and provides insurance products and services for businesses and professionals in the United States, Canada and Europe. Headquartered in Chicago, IL, they have more than 20 US locations.
We are seeking a contract Third Party Risk Management Consultant to support our Customer's business needs. This role is 100% remote, but on-site work in Chicago or Louisville is preferred.
Responsibilities:
- Lead the end-to-end risk assessment process for new vendors, including initial scoping, risk tiering, and control evaluation.
- Develop and maintain onboarding risk criteria aligned with regulatory, operational, and business requirements.
- Collaborate with stakeholders across InfoSec, Privacy, Legal, and Procurement to ensure comprehensive risk coverage during onboarding.
- Manage and oversee Staff Aug resources that support program operations.
- Implement and mature risk scoring methodologies to evaluate vendor risk profiles.
- Leverage internal tools and external data sources to inform risk decisions, including the use of risk intelligence platforms.
- Ensure consistent documentation and auditability of onboarding assessments.
- Identify potential risks or control gaps during onboarding and initiate escalation and/or issue management workflows.
- Partner with vendors and internal teams to ensure risk acceptance processes are followed.
- Continuously improve onboarding workflows to enhance efficiency, accuracy, and scalability.
- Maintain alignment with enterprise risk policies and regulatory expectations.
- Act as a trusted advisor to business units during vendor onboarding, helping interpret risk findings and guide decisions.
- Provide training and support to internal teams on onboarding risk processes and tools.
- Collaborate with sourcing and business stakeholders to embed security and risk evaluation criteria into RFPs and vendor selection processes.
- Develop standard RFP language and templates that align with enterprise risk policies and control expectations.
Skills and Qualifications:
- Bachelor’s degree or equivalent
- CISSP, CRISC, or CISA preferred
- 7+ years of demonstrable experience in TPRM, preferably in a regulated industry
- Experience with compliance frameworks such as HITRUST, NIST, ISO, and COBIT
- Detail-oriented with strong organizational and communication skills
- Ability to work with both technical and non-technical internal business stakeholders.
Preferred:
- Advanced knowledge of ProcessUnity
- Experience with Workday as the TPRM trigger point
- Experience designing and implementing new TPRM processes and assessment methodologies
We offer a competitive salary range for this position. Most candidates who join our team are hired at the median of this range, ensuring fair and equitable compensation based on experience and qualifications.
Contractor benefits are available through our 3rd Party Employer of Record (available upon completion of waiting period for eligible engagements).
Benefits include: Medical, Dental, Vision, 401k.
An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
All applicants applying for U.S. job openings must be legally authorized to work in the United States and are required to have U.S. residency at the time of application.
If you are a person with a disability needing assistance with the application, or at any point in the hiring process, please contact us at support@themomproject.com.