Manager, Third Party Risk Management (Remote)
Top focus
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform.
Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers.
We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you
About The Role
CrowdStrike is seeking an experienced Manager, Third Party Risk Management (TPRM) to lead a high-performing team responsible for assessing and managing risks associated with our third-party vendor ecosystem. This role sits within the GRC organization and is critical to protecting CrowdStrike's customers, data, and operations through rigorous, scalable, and forward-thinking vendor risk practices.
As a people leader, you will manage a team of four TPRM analysts while driving strategic improvements to our program, tooling, and processes — including automation initiatives, AI integration, and efficiencies identified through continuous improvement efforts.
You will also lead the organizational efforts in defining, establishing, managing and enforcing cybersecurity policies, standards and procedures. The ideal candidate will have an expert-level understanding of current processes and proactively search for ways to improve CrowdStrike’s risk posture and GRC program in ways that support a fast-paced, secure, and empowered environment in the tech industry.
This role requires a strategic thinker with a deep understanding of cybersecurity principles, third party risk management and the ability to communicate effectively across all levels of the organization
What You’ll Do
- develop a team of 4 TPRM professionals, fostering a culture of accountability, continuous learning
- operational excellence Set clear performance expectations, conduct regular 1:1s
- support career development for each team member Serve as an escalation point for complex vendor risk issues and assessments.
- Oversee end-to-end third-party risk assessments including inherent risk tiering, due diligence, control evaluations
- residual risk determinations Manage the full vendor risk lifecycle including onboarding, periodic reassessment
- offboarding, ensuring consistent application of TPRM standards.
- Partner with Procurement, Legal, IT, Security, and Business stakeholders to embed risk considerations into the vendor engagement process.
- Evaluate vendor security posture, compliance certifications (SOC 2, ISO 27001, etc.), and contractual obligations.
- Creating and enhancing a cybersecurity vendor risk management program, including the identification, evaluation and mitigation of risks across the organization.
- Conducting third party controls evaluations and audits.
- Performing other duties within the scope of governance, risk and compliance Working across organizations to help align organizations with shared third party compliance goals and objectives.
- Coordinating with IT and business units to implement effective cybersecurity measures and integrate security practices into business processes Collaborate with cross-functional teams, including procurement, legal
- IT, to ensure comprehensive vendor risk management.
- Lead the implementation of process improvements and efficiencies identified through a recent kaizen event, driving measurable outcomes.
- Develop and expand automation capabilities within ServiceNow TPRM to reduce manual effort and increase assessment throughput.
- Identify and implement AI-driven capabilities to enhance risk scoring, vendor monitoring, and workflow efficiency.
- Define and track KPIs and metrics to demonstrate program maturity and effectiveness to senior leadership.
- Serve as a functional owner and subject matter expert for ServiceNow as the TPRM platform of record.
- Partner with GRC tooling and IT teams to configure, optimize, and expand ServiceNow workflows supporting TPRM operations.
- Evaluate emerging technologies and vendor risk intelligence platforms to enhance the program.
- Develop and maintain TPRM policies, standards, and procedures in alignment with industry frameworks (NIST, ISO 27001, SOC 2, FAIR, etc.).
- Prepare and present risk reporting and program status updates to senior leadership and key stakeholders.
- Support internal and external audit activities related to third-party risk.
- What You’ll Need: 10+ years of experience in Third Party Risk Management, GRC, information security risk
- related controls disciplines. 3+ years of people management experience, with demonstrated ability to lead and develop teams.
- Deep expertise in vendor risk assessment methodologies, control frameworks, and risk lifecycle management.
- Hands-on experience with ServiceNow Third Party Risk Management (TPRM) module.
- Demonstrated experience driving process improvement, automation, or operational efficiency initiatives within a risk or compliance program.
- Strong understanding of security and compliance frameworks including NIST CSF, ISO 27001, SOC 2, NIST 800-53, and/or SIG.
- Experience with or strong interest in applying AI/ML tools to GRC or risk management workflows.
- Excellent communication and stakeholder management skills — able to translate technical risk concepts for business audiences.
- Ability to operate effectively in a fast-paced, high-growth environment.
- Proven experience working across teams and global regions to achieve company objectives and review goals.
- Ability to build rapport and maintain relationships across a multitude of functions within the company, with external vendors, and with governmental teams.
- Program and project management experience in scoping, work break-down, critical path analysis, resourcing, managing time and cost estimates, project risks, and quality.
- Ability to think strategically about risks and tie those risks to tactical organizational activities.
- Bonus Points: Experience with a cloud environment and the CrowdStrike products or services Practical experience in Software Development and Secure Coding best practices.
- Practical experience in performing integration risk assessments and threat modeling third party software components.
- Experience in working with leading GRC products. #LI-Remote #LI-CS1 Benefits of Working at CrowdStrike: Market leader in compensation and equity awards Comprehensive physical and mental wellness programs Competitive vacation and holidays for recharge Paid parental and adoption leaves Professional development opportunities for all employees regardless of level or role Employee Networks, geographic neighborhood groups
- volunteer opportunities to build connections Vibrant office culture with world class amenities Great Place to Work Certified™ across the globe CrowdStrike is proud to be an equal opportunity employer.
- We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed.
- We support veterans and individuals with disabilities through our affirmative action program.
- CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment.
- The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance
- any other characteristic protected by law.
- We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
- If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
- Find out more about your rights as an applicant.
- CrowdStrike participates in the E-Verify program.
- Notice of E-Verify Participation Right to Work CrowdStrike, Inc. is committed to fair and equitable compensation practices.
- Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.
- The base salary range for this position for all U.S. candidates is $125,000 - $180,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.
- For detailed information about the U.S. benefits package, please click here .
- Expected Close Date of Job Posting is:09-01-2026