Vendor Manager

About The Institutes

Located in beautiful Malvern Pennsylvania The Institutes are a not-for-profit comprised of diverse affiliates that educate elevate and connect people in the essential disciplines of risk management and insurance. Through products and services offered by our nearly 20 affiliated business units people and organizations are empowered to help those in need with a focus on understanding predicting and preventing losses to create a more resilient world.

Additionally we understand the importance of work-life balancein 2025 named us a Top Workplace for the tenth year and USA Today named us a USA Top Workplace for the fourth year. We provide excellent benefits and a friendly team-focused work environment to drive employee engagement.

Vendor Manager
The Vendor Manager role is responsible for advancing the organizations vendor governance program into a strategic risk-driven function focused on AI data exposure and technology portfolio optimization.

This role evolves beyond operational vendor tracking to provide analytical oversight of third-party risk AI model exposure SaaS rationalization strategy and contractual data governance. The Analyst partners cross-functionally with Security Legal Procurement IT Application Development and Compliance to evaluate vendor AI posture assess model risk exposure and ensure responsible technology adoption across the enterprise.

This position plays a critical role in strengthening the organizations Third-Party Risk Management (TPRM) and AI governance frameworks driving informed decision-making through risk analytics vendor scoring and portfolio optimization.

What Youll Do:

Vendor Governance & Lifecycle Management

• Maintain contract repository and track renewal dates
• Coordinate renewals with Legal and Procurement
• Maintain vendor tier classifications and risk profiles

• Track remediation items and follow up with vendors.
• Review and distribute security questionnaires.
• Collect and analyze SOC reports cyber insurance documentation and compliance artifacts.
• Identify and execute Continuous improvement opportunities for the customer experience
• Proactively do research on the vendors spaces to track trends risks and current events. Raise risks as needed.

AI & Third-Party Risk Analysis

• Conduct AI-focused vendor risk assessments including model usage training data sources and data retention practices.
• Evaluate vendor AI posture and develop AI risk scoring methodology.
• Assess AI model risk exposure including bias explainability and regulatory considerations.
• Partner with Security to detect and mitigate Shadow AI usage across the organization.
• Track vendor data exposure risk and data-sharing pathways.
• Coordinate OneTrust integrations and AI governance workflows.
  
  

Contract & Data Governance Oversight

• Review and evaluate AI/data-related clauses in contracts including:
• Data ownership
• Data residency
• Model training rights
• Sub processor disclosures
• AI indemnification and liability language
• Partner with Legal to strengthen AI and data protection contractual standards.
• Support AI/data usage contractual reviews during vendor onboarding and renewals.

Technology Portfolio & SaaS Rationalization

• Maintain enterprise SaaS inventory and technology portfolio map.
• Analyze license utilization and identify consolidation opportunities.
• Develop SaaS rationalization strategy to reduce redundant platforms.
• Assess overlapping AI tool capabilities and risk duplication.
• Provide cost-risk optimization recommendations to leadership.

Analytics & Strategic Reporting

• Develop vendor risk dashboards and AI posture reporting.
• Create executive-level reporting on:
• AI vendor exposure
• Data risk trends
• Model risk concentration
• SaaS redundancy and cost optimization

What Were Looking For:

Required

• 35 years of experience in vendor management third-party risk IT governance compliance or risk analysis.
• Proficiency in LLM technology and utilization of such tools to manage the complexities of the research and analysis are critical to the success of the role.
• Effective hands-on usage of LLM technology-based tools to help achieve department Ends
• Experience reviewing vendor contracts and tracking renewals.
• Exposure to third-party risk assessments and security questionnaire processes.
• Strong analytical and documentation skills.
• Highly curious and a desire for continuous improvement of the customer experience and risk management processes.
• Experience managing SaaS inventories or technology portfolios.
• Proficiency in Excel and vendor management platforms.

Preferred

• Experience supporting SOC 2 ISO 27001 or similar audits.
• Familiarity with OneTrust or TPRM platforms.
• Exposure to AI governance data risk management or emerging technology risk.
• Understanding of AI model risk principles (bias explainability regulatory impact).

Ability to be on-site 5 days a week is a must. The need for extended hours may be required to support meetings/events.

Required Competencies

• Analytical and risk-based decision-making
• Strategic thinking
• Strong organization skills
• AI and data governance awareness
• Strong cross-functional collaboration
• Process optimization mindset
• Executive-ready reporting skills
• Strive to reflect our five cultural values in all efforts: Put the Customer First Do What You Say Work Together Be Innovative and Do the Right Thing.

The Best Part The Benefits!

To enforce the importance of work-life balance employees enjoy excellent benefits including:

• 401(k) plan with company contribution up to 16%
• Generous time off package that includes paid vacation personal sick and holidays
• Paid maternity and parental leave
• Tuition reimbursement
• Medical dental vision and prescription coverage
• On our Malvern campus: Free lunch every day when working on campus onsite fitness center and a beautiful 1.25-mile walking path!

Required Experience:

Manager