Vendor ManagerThe Vendor Manager role is responsible for advancing the organization's vendor governance program into a strategic, risk-driven function focused on AI, data exposure, and technology portfolio optimization.
This role evolves beyond operational vendor tracking to provide analytical oversight of third-party risk, AI model exposure, SaaS rationalization strategy, and contractual data governance. The Analyst partners cross-functionally with Security, Legal, Procurement, IT, Application Development, and Compliance to evaluate vendor AI posture, assess model risk exposure, and ensure responsible technology adoption across the enterprise.
This position plays a critical role in strengthening the organization's Third-Party Risk Management (TPRM) and AI governance frameworks, driving informed decision-making through risk analytics, vendor scoring, and portfolio optimization.
What You'll Do:Vendor Governance & Lifecycle Management - Maintain contract repository and track renewal dates
- Coordinate renewals with Legal and Procurement
- Maintain vendor tier classifications and risk profiles
- Track remediation items and follow up with vendors.
- Review and distribute security questionnaires.
- Collect and analyze SOC reports, cyber insurance documentation, and compliance artifacts.
- Identify and execute Continuous improvement opportunities for the customer experience
- Proactively do research on the vendors spaces to track trends, risks and current events. Raise risks as needed.
AI & Third-Party Risk Analysis- Conduct AI-focused vendor risk assessments, including model usage, training data sources, and data retention practices.
- Evaluate vendor AI posture and develop AI risk scoring methodology.
- Assess AI model risk exposure, including bias, explainability, and regulatory considerations.
- Partner with Security to detect and mitigate Shadow AI usage across the organization.
- Track vendor data exposure risk and data-sharing pathways.
- Coordinate OneTrust integrations and AI governance workflows.
Contract & Data Governance Oversight- Review and evaluate AI/data-related clauses in contracts, including:
- Data ownership
- Data residency
- Model training rights
- Sub processor disclosures
- AI indemnification and liability language
- Partner with Legal to strengthen AI and data protection contractual standards.
- Support AI/data usage contractual reviews during vendor onboarding and renewals.
Technology Portfolio & SaaS Rationalization- Maintain enterprise SaaS inventory and technology portfolio map.
- Analyze license utilization and identify consolidation opportunities.
- Develop SaaS rationalization strategy to reduce redundant platforms.
- Assess overlapping AI tool capabilities and risk duplication.
- Provide cost-risk optimization recommendations to leadership.
Analytics & Strategic Reporting- Develop vendor risk dashboards and AI posture reporting.
- Create executive-level reporting on:
- AI vendor exposure
- Data risk trends
- Model risk concentration
- SaaS redundancy and cost optimization
What We're Looking For: Required- 3-5+ years of experience in vendor management, third-party risk, IT governance, compliance, or risk analysis.
- Proficiency in LLM technology and utilization of such tools to manage the complexities of the research and analysis are critical to the success of the role.
- Effective hands-on usage of LLM technology-based tools to help achieve department Ends
- Experience reviewing vendor contracts and tracking renewals.
- Exposure to third-party risk assessments and security questionnaire processes.
- Strong analytical and documentation skills.
- Highly curious, and a desire for continuous improvement of the customer experience and risk management processes.
- Experience managing SaaS inventories or technology portfolios.
- Proficiency in Excel and vendor management platforms.
Preferred- Experience supporting SOC 2, ISO 27001, or similar audits.
- Familiarity with OneTrust or TPRM platforms.
- Exposure to AI governance, data risk management, or emerging technology risk.
- Understanding of AI model risk principles (bias, explainability, regulatory impact).
Ability to be on-site 5 days a week is a must. The need for extended hours may be required to support meetings/events.Required Competencies- Analytical and risk-based decision-making
- Strategic thinking
- Strong organization skills
- AI and data governance awareness
- Strong cross-functional collaboration
- Process optimization mindset
- Executive-ready reporting skills
- Strive to reflect our five cultural values in all efforts: Put the Customer First, Do What You Say, Work Together, Be Innovative and Do the Right Thing.
The Best Part? The Benefits! To enforce the importance of work-life balance, employees enjoy excellent benefits, including:
- 401(k) plan with company contribution up to 16%
- Generous time off package that includes paid vacation, personal, sick, and holidays
- Paid maternity and parental leave
- Tuition reimbursement
- Medical, dental, vision, and prescription coverage
- On our Malvern campus: Free lunch every day when working on campus, onsite fitness center, and a beautiful 1.25-mile walking path!