# Third Party Risk Manager, APAC

**Company**: OpenAI
**Location**: Singapore
**Work arrangement**: hybrid
**Experience**: senior
**Job type**: Full time
**Category**: Finance
**Industry**: Technology
**Wikidata**: https://www.wikidata.org/wiki/Q124605186

**Apply**: https://jobs.ashbyhq.com/openai/feba5afa-8b01-4050-ad6c-889dfeaafd9f?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply
**Canonical**: https://yubhub.co/jobs/job_02f36036-006

## Description

OpenAI is building a world-class supplier risk and third-party risk program to support our global growth across hardware, infrastructure, and critical partner ecosystems. We're hiring a Manager Third Party Risk Management (TPRM) in Singapore to lead execution across Asia-Pacific, with a strong focus on electronics/device manufacturing supply chains and supplier compliance.

### Responsibilities

- Lead end-to-end TPRM execution across APAC, ensuring consistent and scalable risk assessment, onboarding, and monitoring of third parties.

- Support audits, regulatory requirements, and internal policy adherence across third-party relationships.

- Support supplier compliance initiatives aligned to leading industry standards (e.g., Responsible Business Alliance / RBA expectations), including labor, ethics, and management systems.

- Partner closely with Procurement, Legal/Compliance, Security, Privacy, and business teams to embed risk controls into supplier onboarding, contracting, and ongoing monitoring.

- Build and oversee supplier risk frameworks tailored to electronics and device manufacturing environments.

- Drive supplier due diligence, including operational, regulatory, and compliance risk assessments.

- Establish and track key risk indicators (KRIs), reporting, and governance mechanisms for regional leadership.

- Identify and mitigate risks across critical suppliers, including geopolitical, operational, and compliance risks.

- Continuously improve TPRM processes, tools, and controls to support scale and efficiency.

- Support incident response for supplier-related issues (e.g., compliance findings, operational disruptions), ensuring fast and effective resolution.

### Requirements

- 6+ years of experience in supplier risk, third-party risk management, supply chain risk, supplier compliance/auditing, or related fields.

- Strong experience in complex electronics or device manufacturing ecosystems (contract manufacturing, component ecosystems, multi-tier supply chains).

- Demonstrated ability to run onsite audits and drive remediation outcomes.

- Regional Experience: Experience working with Asia-based suppliers or operating in APAC markets.

- Technical Knowledge: Strong understanding of privacy, cyber risk, data security, operational resilience, and financial/vendor risk principles.

- Analytical Expertise: Skilled in analyzing risk data, identifying trends, and producing actionable reporting.

- Strong written and verbal communication,able to translate complex risk into clear decision narratives.

- Business-level Mandarin is required, as this role regularly manages vendor communications and documentation with vendors who conduct business primarily in Mandarin.

### Nice to Have

- Experience with export controls/sanctions, forced labor risk programs, and supplier ownership/beneficial ownership diligence.

- Experience conducting or supporting onsite factory or supplier audits.

- Exposure to hardware lifecycle risks (e.g., NPI, production ramp, supplier quality issues).

- Experience implementing GRC/TPRM tooling (e.g., OneTrust, Archer, ServiceNow GRC) and automating workflows.

- Familiarity with RBA programs and/or validated assessment approaches.

### Location & Travel

This role is based in Singapore and will involve 30% to 40% travel within Asia to supplier sites.

## Skills

### Required
- supplier risk management
- third-party risk management
- supply chain risk
- supplier compliance
- auditing
- risk assessment
- regulatory requirements
- internal policy adherence
- privacy
- cyber risk
- data security
- operational resilience
- financial/vendor risk principles
- analyzing risk data
- identifying trends
- producing actionable reporting
- written and verbal communication

### Nice to have
- export controls/sanctions
- forced labor risk programs
- supplier ownership/beneficial ownership diligence
- onsite factory or supplier audits
- hardware lifecycle risks
- GRC/TPRM tooling
- automating workflows
- RBA programs
- validated assessment approaches

---

Source: [Apply at jobs.ashbyhq.com](https://jobs.ashbyhq.com/openai/feba5afa-8b01-4050-ad6c-889dfeaafd9f?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply)