Jobs › Senior Software Engineer, Trust and Third Party Risk Management
Senior Software Engineer, Trust and Third Party Risk Management
Role at a glance
- Category
- Risk
- Work arrangement
- Remote
- Location
- .
- Posted
- Jun 26, 2026
Vanta is hiring a Senior Software Engineer, Trust and Third Party Risk Management in .. This is a Risk role in the governance, risk, and compliance field. Review the full details below and apply directly with Vanta.
At Vanta, our mission is to help businesses earn and prove trust. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it. Senior Software Engineer, Trust (TPRM) - Job Description As a Senior Software Engineer on Vanta's Trust TPRM team, you'll build the full-stack product experiences and underlying data infrastructure that help enterprises manage vendor risk at scale — working across teams focused on vendor lifecycle management and vendor monitoring. Vanta's Trust TPRM (Third-Party Risk Management) team is building the products that make vendor risk management seamless for security and procurement teams. From vendor onboarding and lifecycle management to continuous monitoring and procurement integrations, we're creating the platform that helps Vanta customers understand, track, and mitigate third-party risk — a fast-growing, business-critical capability for modern enterprises. As a Senior Software Engineer, you'll contribute as a core member of either the Vendor Lifecycle or Vendor Monitoring Experience team. You'll design and ship full-stack features that directly shape how customers manage vendor relationships, collaborate with product and design partners, and bring real engineering ownership to a product area that's growing quickly within Vanta. What you’ll do as a Senior Software Engineer at Vanta: Design, build, and maintain full-stack features across the TPRM product surface, including vendor onboarding, lifecycle management, and monitoring workflows Contribute to the vendor data model and core platform abstractions that power TPRM products Write clean, well-tested code and actively participate in code reviews; uphold engineering quality standards Engage in architecture discussions and contribute to technical decision-making within your team Collaborate with product, design, and other engineering teams to deliver high-quality, customer-facing features with real business impact How to be successful in this role: 5+ years of professional software engineering experience with full-stack or product-focused development Strong proficiency in TypeScript/React (front-end) or a backend language such as Node.js Experience building and shipping production-quality web applications in a fast-paced environment Solid understanding of databases
Full responsibilities and requirements are on Vanta's application page.
Apply for this role →Location and market context
This is a remote risk management role, so it draws from a national talent pool rather than a single metro. Remote governance and compliance roles reward candidates who can show they work effectively across time zones and distributed legal, security, and product teams. Confirm any residency, travel, or occasional-onsite expectations directly with Vanta.
About risk management roles
Risk roles own the methodology for identifying, assessing, and escalating enterprise, operational, and technology risk. Second-line teams set risk appetite and challenge the first line. Roles like this one are typically evaluated against frameworks such as enterprise and operational risk frameworks, NIST AI RMF, and risk-appetite and escalation practices.
How to position yourself for this risk management role
Strong candidates emphasize risk assessment methodology, appetite and escalation, cross-functional partnership, and clear reporting to senior leadership and the board. In your resume and outreach, tie your experience to how Vanta would apply enterprise and operational risk frameworks, NIST AI RMF, and risk-appetite and escalation practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location