Third Party Risk Manager, APAC

OpenAI is building a world-class supplier risk and third-party risk program to support our global growth across hardware, infrastructure, and critical partner ecosystems. We're hiring a Manager Third Party Risk Management (TPRM) in Singapore to lead execution across Asia-Pacific, with a strong focus on electronics/device manufacturing supply chains and supplier compliance.

Responsibilities

• Lead end-to-end TPRM execution across APAC, ensuring consistent and scalable risk assessment, onboarding, and monitoring of third parties.
• Support audits, regulatory requirements, and internal policy adherence across third-party relationships.
• Support supplier compliance initiatives aligned to leading industry standards (e.g., Responsible Business Alliance / RBA expectations), including labor, ethics, and management systems.
• Partner closely with Procurement, Legal/Compliance, Security, Privacy, and business teams to embed risk controls into supplier onboarding, contracting, and ongoing monitoring.
• Build and oversee supplier risk frameworks tailored to electronics and device manufacturing environments.
• Drive supplier due diligence, including operational, regulatory, and compliance risk assessments.
• Establish and track key risk indicators (KRIs), reporting, and governance mechanisms for regional leadership.
• Identify and mitigate risks across critical suppliers, including geopolitical, operational, and compliance risks.
• Continuously improve TPRM processes, tools, and controls to support scale and efficiency.
• Support incident response for supplier-related issues (e.g., compliance findings, operational disruptions), ensuring fast and effective resolution.

Requirements

• 6+ years of experience in supplier risk, third-party risk management, supply chain risk, supplier compliance/auditing, or related fields.
• Strong experience in complex electronics or device manufacturing ecosystems (contract manufacturing, component ecosystems, multi-tier supply chains).
• Demonstrated ability to run onsite audits and drive remediation outcomes.
• Regional Experience: Experience working with Asia-based suppliers or operating in APAC markets.
• Technical Knowledge: Strong understanding of privacy, cyber risk, data security, operational resilience, and financial/vendor risk principles.
• Analytical Expertise: Skilled in analyzing risk data, identifying trends, and producing actionable reporting.
• Strong written and verbal communication,able to translate complex risk into clear decision narratives.
• Business-level Mandarin is required, as this role regularly manages vendor communications and documentation with vendors who conduct business primarily in Mandarin.

Nice to Have

• Experience with export controls/sanctions, forced labor risk programs, and supplier ownership/beneficial ownership diligence.
• Experience conducting or supporting onsite factory or supplier audits.
• Exposure to hardware lifecycle risks (e.g., NPI, production ramp, supplier quality issues).
• Experience implementing GRC/TPRM tooling (e.g., OneTrust, Archer, ServiceNow GRC) and automating workflows.
• Familiarity with RBA programs and/or validated assessment approaches.

Location & Travel

This role is based in Singapore and will involve 30% to 40% travel within Asia to supplier sites.