Advisor – Third-Party Risk Management; TPRM

Advisor – Third-Party Risk Management (TPRM)

At CGS Cyber Defense, we’re more than a cybersecurity firm — we’re a team of innovators, problem-solvers, and trusted advisors protecting some of the world’s most valuable enterprises.

CGS Cyber Defense is seeking an experienced Advisor – TPRM Part-Time to help clients design, implement, and mature programs that assess and manage cybersecurity risk across vendors, suppliers, and other third parties. This role provides advisory support to client executives and cross-functional teams, translating vendor risk requirements into practical oversight frameworks and actionable strategies.

• Support third-party cybersecurity risk assessments and vendor due diligence engagements across industries and regulatory environments
• Assist in developing and operationalizing TPRM frameworks, governance models, and operating procedures
• Evaluate vendor control environments using assessments
• Support vendor segmentation, criticality classification, and continuous monitoring of risk profiles
• Support and optimize technology enablement for TPRM programs using platforms
• Coordinate communication between procurement, security, and compliance teams to enhance vendor governance
• Prepare executive-facing deliverables including dashboards, risk summaries, and reports for decision-making
• Contribute to practice and methodology development, mentor junior consultants, and support thought leadership in TPRM

• 10 plus years of professional experience in cybersecurity, risk management, or vendor/third-party risk roles li>
• Solid understanding of third-party risk management concepts, due diligence processes, and control assessment methodologies
• Familiarity with frameworks and standards such as NIST CSF, ISO 27036, SOC 2, SIG, and shared responsibility models
• Strong communication, project management, and client advisory skills

• Experience with TPRM automation tools (
  Service Now VRM, Archer, One Trust, Cyber
  
  GRX, etc.)
• Knowledge of regulatory requirements impacting vendor risk (e.g.,
  OCC, HIPAA, GDPR, CMMC
  )
• Strong analytical, reporting, and visualization skills (Excel, Power BI, or similar tools)
• Ability to manage multiple client engagements in fast-paced consulting environments

• An opportunity to work with leading enterprises across industries.
• Access to cutting-edge cybersecurity tools and technologies.
• Ongoing professional development and training opportunities.
• A culture that values curiosity, collaboration, and innovation.

• Mission-Driven Work – Protecting high-value enterprises from today’s most complex threats.
• Team of Experts – Collaborate with skilled cybersecurity professionals who support your growth.
• Innovation First – A culture where new ideas are encouraged and rewarded.
• Commitment to You – Your success is our success, and we invest in your development.