Minimum qualifications:- Bachelor's degree in Risk Management, Supply Chain Management, Business, or equivalent practical experience.
- 5 years of experience in program management.
- 5 years of experience in third-party risk management lifecycles, vendor due diligence, and supply chain risk.
- 4 years of experience working in an environment bridging internal teams and external partners.
- 3 years of experience in data center infrastructure, operations, and vendor impact assessment.
Preferred qualifications:- 5 years of experience managing cross-functional or cross-team projects.
- Experience in Third Party Risk Management (TPRM) or Vendor Risk Management (VRM) or certifications (e.g., CTPRP, CISA, CRISC).
- Experience using dedicated vendor risk management platforms.
- Strong attention to detail in vendor data, assessment scoring, and formatting.
- Excellent communication skills with the ability to escalate vendor non-compliance effectively.
- Excellent problem-solving and decision-making skills when evaluating external dependencies.
About the jobAs a Technical Program Manager for Third Party Risk Management, you will work with our risk coordinators, procurement teams, and external partners to maintain an accurate third-party risk profile. Your primary focus will be generating actionable vendor risk insights, monitoring partner risks, and evaluating vendors throughout their lifecycle. You will assess risks related to external dependencies across the data center fleet, maintain a cohesive narrative between third-party exposure and internal controls, and manage the central library of vendor compliance information at physical locations worldwide.
The US base salary range for this full-time position is $163,000-$237,000 bonus equity benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google .
Responsibilities - Develop and maintain a comprehensive third-party risk register specific to data center operations, encompassing vendor physical, environmental, operational, and security domains.
- Develop and implement third-party risk mitigation strategies, including vendor policies, agreement requirements, and technical safeguards, to reduce the impact of external risks.
- Establish vendor Key Risk Indicators (KRIs) and metrics to monitor the ongoing compliance of third parties and identify emerging external risks.
- Serve as a key point of contact for data center third-party risk matters, collaborating with internal teams (e.g., procurement, security, operations, legal, compliance) and external stakeholders (e.g., vendors, suppliers, external auditors).
