Third-Party Risk Manager

About Commvault 

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data. 

JOB DESCRIPTION:

The Opportunity..

As a Third-Party Risk Manager, you will oversee and enhance Commvault’s third-party risk management (TPRM) program, ensuring our vendor relationships meet regulatory standards and align with organizational risk tolerance. This leadership role requires a strategic approach to risk identification, mitigation, and monitoring while providing oversight and guidance to cross-functional teams engaged in third-party management processes.

What You'll Do...

• Lead the development, implementation, and continuous improvement of a third-party risk management framework in accordance with regulatory requirements and industry best practices.

• Manage and oversee the end-to-end risk assessment process for third-party vendors, including initial due diligence, ongoing monitoring, and issue resolution.

• Drive strategic discussions with business leaders regarding vendor risks, mitigation strategies, and alignment with organizational goals.

• Provide expert guidance on the evaluation of vendor contracts, ensuring appropriate risk controls are established and enforced.

• Collaborate with other teams such as IT security, procurement, and legal teams to address risk and maintain compliance with applicable regulations.

• Establish performance metrics and reporting dashboards to effectively communicate third-party risk insights to senior leadership and other key stakeholders.

• Serve as the primary point of contact for internal and external audits related to third-party risk management, including preparation and documentation.

• Ensure the organization stays ahead of emerging trends and regulatory changes in third-party risk management and incorporate them into policies and practices.

• Conduct training sessions for internal teams to build awareness and understanding of the third-party risk management program.

Who You Are...

• Bachelor’s degree in business administration, risk management, cybersecurity, or a related field (advanced degree preferred).

• 8+ years of experience in risk management, vendor management, or related roles, with at least 1+ years in a leadership or managerial capacity.

• Strong understanding of regulatory frameworks, such as NIST, ISO 27001, GDPR, CCPA, and other relevant standards.

• Proven experience in conducting and managing vendor risk assessments and due diligence processes.

• Familiarity with GRC tools and platforms for vendor risk management.

• Excellent analytical, problem-solving, and decision-making skills.

• Strong interpersonal and communication skills, with the ability to influence stakeholders and present to executive leadership.

• Relevant certifications (e.g., CTPRP, CRISC, CISSP, or CISA) are a plus.

Preferred Skills

• General knowledge of compliance and risk management principles.

• Experience negotiating vendor contracts and establishing performance standards.

• Familiarity with risk mitigation strategies within highly regulated industries such as financial services, healthcare, or technology.

• Ability to manage complex projects and multiple priorities in a fast-paced environment.

You’ll love working here because: 

• Continuous professional development, product training and career pathing

• An inclusive company culture, opportunity to join our Community Guilds

• Generous Global Benefits

• Employee Stock Purchase Plan

Ready to #makeyourmark at Commvault? Apply now! 

#LI-JS1

#LI-Remote

Thank you for your interest in Commvault. Reflected below is the minimum and maximum base salary range for this role. At Commvault we use broad salary ranges in our job postings to reflect the diverse levels of expertise and experience among our candidates and is not reflective of the total compensation and benefits package. The specific salary offered will be determined based on your unique qualifications, including your relevant experience, skills, and the value you bring to the role. While the range provides a general idea of the compensation, it is important to note that placements within the range are not automatic and will be carefully considered to ensure a fair and competitive offer. We are committed to rewarding talent and experience.

We’re proud to offer competitive benefits that care for you and your family through our 401K plan, health benefits (including medical, dental, and vision available for families and domestic partners), and pet insurance for your furry family members. You can also find the details of our U.S. benefits by visiting benefits.commvault.com.

Commvault is an equal opportunity workplace and is an affirmative action employer. We are always committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status and we will not discriminate against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we work.

Commvault’s goal is to make interviewing inclusive and accessible to all candidates and employees. If you have a disability or special need that requires accommodation to participate in the interview process or apply for a position at Commvault, please email accommodations@commvault.com For any inquiries not related to an accommodation please reach out to wwrecruitingteam@commvault.com.

For our Candidates to prioritize your security: 

Commvault has been made aware of email and/or text correspondence scams that falsely state that the senders are from the Commvault HR team and/or a member of our leadership team. The scammers even conduct false interviews via email or text and then request personal information (name, address, birthdate, social security number, etc.) when returning the signed offer letter. Please note that Commvault does not conduct interviews by email or text, and we will never ask you to submit a W4 via email or prior to your first day of employment. 

If you think you have been targeted in this recruiting scam, please reach out to us at wwrecruitingteam@commvault.com. You can also find more tips about job scams and how to avoid them on the FTC’s website.