Technical Program Manager, Third Party Risk Management, Data Centers

Technical Program Manager, Third Party Risk Management, Data Centers corporate_fare Google place Atlanta, GA, USA bar_chart Mid Mid Experience driving progress, solving problems, and mentoring more junior team members; deeper expertise and applied knowledge within relevant area.

Minimum qualifications:

Bachelor's degree in Risk Management, Supply Chain Management, Business, or equivalent practical experience. 5 years of experience in program management. 5 years of experience in third-party risk management lifecycles, vendor due diligence, and supply chain risk. 4 years of experience working in an environment bridging internal teams and external partners. 3 years of experience in data center infrastructure, operations, and vendor impact assessment.

Preferred qualifications:

5 years of experience managing cross-functional or cross-team projects. Experience in Third Party Risk Management (TPRM) or Vendor Risk Management (VRM) or certifications (e.g., CTPRP, CISA, CRISC). Experience using dedicated vendor risk management platforms. Strong attention to detail in vendor data, assessment scoring, and formatting. Excellent communication skills with the ability to escalate vendor non-compliance effectively. Excellent problem-solving and decision-making skills when evaluating external dependencies. About the job A problem isn't truly solved until it's solved for all. That's why Googlers build products that help create opportunities for everyone, whether down the street or across the globe. As a Technical Program Manager at Google, you'll use your technical expertise to lead complex, multi-disciplinary projects from start to finish. You'll work with stakeholders to plan requirements, identify risks, manage project schedules, and communicate clearly with cross-functional partners across the company. You're equally comfortable explaining your team's analyses and recommendations to executives as you are discussing the technical tradeoffs in product development with engineers. As a Technical Program Manager for Third Party Risk Management, you will work with our risk coordinators, procurement teams, and external partners to maintain an accurate third-party risk profile. Your primary focus will be generating actionable vendor risk insights, monitoring partner risks, and evaluating vendors throughout their lifecycle. You will assess risks related to external dependencies across the data center fleet, maintain a cohesive narrative between third-party exposure and internal controls, and manage the central library of vendor compliance information at physical locations worldwide. Behind everything our users see online is the architecture built by the Technical Infrastructure team to keep it running. From developing and maintaining our data centers to building the next generation of Google platforms, we make Google's product portfolio possible. We're proud to be our engineers' engineers and love voiding warranties by taking things apart so we can rebuild them. We keep our networks up and running, ensuring our users have the best and fastest experience possible. The US base salary range for this full-time position is $163,000-$237,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can more about the specific salary range for your preferred location during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about . Responsibilities Develop and maintain a comprehensive third-party risk register specific to data center operations, encompassing vendor physical, environmental, operational, and security domains. Develop and implement third-party risk mitigation strategies, including vendor policies, agreement requirements, and technical safeguards, to reduce the impact of external risks. Establish vendor Key Risk Indicators (KRIs) and metrics to monitor the ongoing compliance of third parties and identify emerging external risks. Serve as a key point of contact for data center third-party risk matters, collaborating with internal teams (e.g., procurement, security, operations, legal, compliance) and external stakeholders (e.g., vendors, suppliers, external auditors).