Third Party Risk Management Leader

Convergint is seeking a Third Party Risk Management (TPRM) Leader responsible for designing, implementing, and overseeing the enterprise-wide third-party risk management program, supporting regulatory compliance, operational resilience, cybersecurity, and financial integrity. This high-impact role ensures that risks associated with vendors, suppliers, partners, and service providers are identified, assessed, mitigated, monitored, and reported throughout the third-party lifecycle.

• Establish and maintain an enterprise-wide Third-Party Risk Management framework aligned to public company expectations and leading practices
• Define third-party risk policies, standards, procedures, and risk appetite in partnership with Legal, Finance, IT Security, and Compliance

• Oversee third-party risk activities across the full lifecycle:
  • Due diligence and onboarding
  • Contract risk assessment and approval
  • Ongoing monitoring and periodic reassessment
  • Issue management and remediation
  • Offboarding and termination
• Ensure appropriate controls are in place for critical and high-risk vendors, including financial, operational, cybersecurity, privacy, and compliance risks

• Partner with Technology to assess vendor cybersecurity posture, including review of SOC reports, testing summaries, and security questionnaires
• Ensure third-party compliance with data privacy and protection requirements
• Support SOX readiness ensuring third party-related controls are properly designed, documented, and operating effectively
• Serve as a key liaison for Internal Audit and external auditors for third-party risk-related audits and reviews
• Prepare documentation, metrics, and executive reporting required for IPO diligence and ongoing public company disclosures

• Develop and maintain TPRM KPIs and KRIs, including vendor risk exposure, remediation status, and concentration risk
• Provide regular reporting to executive leadership and risk committees
• Escalate significant third-party risks and control gaps in a timely and structured manner

• Partner with Procurement, Legal, Technology, Finance, HR, Internal Audit, and Business Leaders to embed TPRM processes into daily operations
• Influence stakeholders to adopt consistent, scalable risk practices across the enterprise
• Support vendor contract negotiations by advising on risk clauses, SLAs, audit rights, and termination provisions

• Benchmark the TPRM program against public company peers and evolving regulatory expectations
• Lead tool selection or enhancement as the program matures
• Train internal stakeholders on third-party risk awareness and responsibilities

• Integrate ESG risk considerations (environmental impact, labor practices, ethics, and governance) into third-party risk assessment, onboarding, and ongoing monitoring processes.
• Establish and oversee ESG-focused due diligence standards for vendors, suppliers, and partners in alignment with regulatory, industry, and corporate sustainability expectations.
• Partner with Sustainability, Legal, Compliance, and Procurement teams to define ESG risk thresholds and remediation strategies for third parties.
• Develop ESG-related third-party policies, controls, and reporting metrics to support corporate ESG goals and disclosures.
• Identify, assess, and elevate ESG-related third-party risks, including human rights, supply-chain transparency, climate exposure, and ethical conduct.
• Monitor emerging ESG regulations and frameworks (e.g., human rights, environmental compliance, governance standards) and translate requirements into third-party risk controls.
• Drive continuous improvement of third-party ESG risk monitoring through data analytics, assessments, and performance scorecards.
• Serve as a key advisor to senior leadership on ESG-related third-party risks and mitigation strategies.

• 8+ years of experience in third-party risk, vendor risk management, enterprise risk, compliance, audit, or information security.
• Demonstrated experience building or maturing a TPRM…