Vendor Risk Manager

Salário mediano: $115,000 USD · BLS 2024Aproximadamente R$575,000 ao câmbio atual, antes de IR e INSS. Seu banco aplicará o câmbio real em qualquer transação internacional.

A vendor risk manager owns the program that decides which third parties an enterprise can safely trust with data, infrastructure access, or payment processing. The role grew sharply after the 2020-2024 sequence of supply-chain compromises (SolarWinds, Kaseya, MOVEit, 3CX, Snowflake-tied breaches) made it clear that an organization's security perimeter now extends through every active vendor relationship. The work is anchored by NIST SP 800-161 Rev. 1 (Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations) and Shared Assessments' SIG (Standardized Information Gathering) questionnaire. You run the questionnaire collection, you tier vendors by inherent risk, you sample-test attestations, you negotiate breach-notification language into every contract, and you maintain the kill-list of vendors whose posture has degraded enough that the relationship needs unwinding. The role pairs procurement diplomacy with technical security literacy.