Third-Party Risk Management (Tprm) Consultant

Third-Party Risk Management (TPRM) ConsultantLocation: Dallas, TX (Remote with periodic onsite presence required)Employment Type: Contract (3–6 months)Pay Rate: Hourly, DOESchedule: Standard business hours, Monday – FridayPosition Overview Wheeler Staffing Partners is seeking an experienced Third-Party Risk Management (TPRM) Consultant to design, enhance, and operationalize a comprehensive vendor risk management program within a complex, highly regulated environment. This consultant will play a critical role in strengthening vendor risk governance, developing scalable frameworks, and ensuring compliance with industry and regulatory standards.This role requires hands-on experience building or maturing TPRM programs, including vendor risk tiering, assessment methodologies, workflow development, continuous monitoring strategies, and governance reporting. The consultant will collaborate closely with Information Security, Procurement, Legal, Compliance, and business stakeholders to improve vendor risk oversight and operational resilience.Key ResponsibilitiesTPRM Program Development and Implementation

• Design and formalize a scalable Third-Party Risk Management framework
• Develop and refine vendor risk tiering methodologies and classification models
• Establish inherent and residual risk scoring methodologies
• Create standardized vendor risk assessment procedures, questionnaires, and control validation processes
• Define vendor risk lifecycle processes from onboarding through offboarding

Risk Assessment and Vendor Oversight

• Review vendor inventory and classify vendors based on risk level and criticality
• Conduct risk assessments for high-risk and critical vendors
• Develop issue tracking, remediation, and escalation workflows
• Define continuous monitoring procedures and vendor reassessment cadence
• Establish vendor security requirements and minimum control expectations

Governance, Compliance, and Reporting

• Align TPRM program with regulatory and industry frameworks, including:
  • NIST Cybersecurity Framework (CSF)
  • NIST 800-53
  • HIPAA
  • PCI DSS
  • TX-RAMP
  • ISO 27001
• Develop governance dashboards, metrics, and executive-level reporting
• Create documentation, policies, standards, and procedures supporting the TPRM program
• Provide recommendations and roadmap for TPRM maturity improvement

Process Integration and Automation

• Design workflows integrating vendor risk management into procurement and contract lifecycle processes
• Support implementation and optimization of workflows within GRC platforms
• Partner with internal stakeholders to improve vendor onboarding, assessment, and monitoring processes
• Identify opportunities for automation and operational efficiency

Stakeholder Collaboration and Advisory Support

• Partner with Information Security, Procurement, Legal, Compliance, and operational teams
• Provide guidance on vendor risk management best practices
• Communicate risk findings and recommendations to leadership and executive stakeholders
• Translate technical risk concepts into business-focused recommendations

Required Qualifications

• 8+ years of experience in Information Security, Risk Management, Governance, Risk, and Compliance (GRC), or related field
• Proven experience building or maturing a Third-Party Risk Management program
• Strong knowledge of third-party risk lifecycle management and vendor risk assessment methodologies
• Experience with inherent and residual risk scoring models
• Experience validating security controls and assessing vendor risk posture
• Strong understanding of regulatory and compliance frameworks (NIST, HIPAA, PCI, ISO 27001, TX-RAMP, etc.)
• Experience implementing or optimizing workflows in GRC platforms such as ServiceNow, AuditBoard, or Archer
• Excellent analytical, documentation, and program development skills
• Strong communication skills with the ability to present to executive stakeholders

Preferred Qualifications

• Professional certifications such as CISSP, CISM, CRISC, or similar
• Experience working in healthcare, academic, or highly regulated environments
• Experience with cloud and SaaS vendor risk assessments
• Experience with vendor continuous monitoring and risk quantification methodologies
• Experience supporting state-regulated or compliance-driven organizations
• Experience with data automation, reporting dashboards, or vendor risk tools

Work Environment

• Remote work environment with periodic onsite presence required in Dallas, TX
• Collaborative cross-functional work environment
• Opportunity to design and implement enterprise-level risk management processes

Key Skills and Competencies

• Third-Party Risk Management (TPRM)
• Vendor Risk Assessment
• Governance, Risk, and Compliance (GRC)
• Information Security Risk Management
• Regulatory Compliance (NIST, HIPAA, PCI, ISO 27001)
• Risk Scoring and Risk Tiering
• Vendor Lifecycle Management
• Risk Analysis and Reporting
• GRC Platforms (ServiceNow, AuditBoard, Archer)
• Process Design and Workflow Optimization

Why Work with Wheeler Staffing Partners Wheeler Staffing Partners connects highly skilled professionals with leading organizations across healthcare, technology, and professional services industries. We are committed to supporting your career growth by providing access to impactful opportunities, competitive compensation, and ongoing support throughout your assignment. Our team serves as a dedicated partner and advocate, helping you achieve your professional goals and long-term career success.