Demo

Client & Vendor Risk Manager

Default Brand -BB LOGO
Dallas, TX Full Time
POSTED ON 7/9/2026
AVAILABLE BEFORE 9/9/2026

ABOUT BAKER BOTTS

Baker Botts is a leading international law firm recognized for its deep understanding of the industries it serves. With offices across major global markets, the firm delivers sophisticated legal services while cultivating a collaborative, inclusive culture where both attorneys and professional staff contribute to client success and organizational excellence.

ABOUT THE ROLE

The Information Security Client & Vendor Risk Manager leads the firm’s client due diligence program and oversees all information security vetting for third party vendors across the firm. This role requires deep expertise in security frameworks, strong risk‑assessment judgment, and the ability to influence senior stakeholders, including internal stakeholders, and client security teams. The Manager acts as a key liaison between the firm’s clients, internal leadership, IT Security, Procurement, and Risk Management, ensuring the firm meets the heightened expectations of our clients.

WHAT YOU'LL DO

Primary Responsibilities

  • Own and mature the firm‑wide client and vendor due‑diligence program, ensuring consistency, accuracy, and alignment with the firm’s security posture and regulatory obligations.
  • Serve as the firm’s subject‑matter expert on information‑security controls, certifications, and risk posture during client audits, RFPs, and reviews or client engagement terms.
  • Lead complex vendor‑risk assessments for high‑impact technology and service providers, including review of SOC 2 reports, ISO 27001 certifications, penetration‑test results, cloud‑security controls, data‑protection, privacy, and retention practices.
  • Develop and maintain the firm’s vendor‑risk management framework, including risk‑scoring methodologies, onboarding workflows, and continuous‑monitoring processes.
  • Partner with Procurement, IT, and Office of General Counsel to evaluate vendor contracts, negotiate security requirements, and recommend risk‑mitigation strategies.
  • Prepare the firm for client audits and regulatory reviews, coordinating evidence collection, documentation, and SME participation across multiple departments.
  • Represent the firm in client‑facing security discussions, including responding to escalated inquiries from corporate counsel, privacy officers, and client security teams.
  • Monitor emerging risks and regulatory developments relevant to the legal industry (e.g., SEC cybersecurity rules, state privacy laws, international data‑transfer requirements).
  • Mentor junior analysts and contribute to the professional development of the broader Risk and Compliance team.
  • Drive continuous improvement, identifying opportunities to streamline due‑diligence workflows, enhance tracking and remediation of client-identified risks, and strengthen the firm’s security posture.

Additional Responsibilities

  • Provide management with periodic reports & briefings on evolving topics within their area of responsibility.
  • Other related projects and duties as assigned by the Director of Information Security.

WHAT YOU'LL BRING

Required

  • 6 years of experience in information security, vendor risk management, compliance, or legal‑industry operations, ideally within an Am Law 200 firm or similarly regulated environment.
  • Deep understanding of security frameworks and standards (SOC 2, ISO 27001, NIST CSF, HIPAA, GLBA, state privacy laws).
  • Experience conducting or leading vendor‑risk assessments for enterprise‑level technology providers.
  • Strong communication skills, including the ability to brief partners, respond to client security teams, and translate technical concepts for non‑technical audiences.
  • Demonstrated ability to work independently, manage sensitive information, and lead cross‑functional initiatives in a high‑pressure environment.
  • Professional certifications such as CTPRA, ISO 27001 Lead Implementer or Lead Auditor and CISSP, CISM, CRISC, or CISA required.
  • Experience with legal‑industry technologies (DMS, e‑discovery platforms, cloud‑based practice‑management tools) is a plus.

HOW YOU'LL WORK

Extent of Contact

This position requires contact with individuals within the firms as follows:

  • Daily contact with staff from the Firm’s Information Technology, Client Development and Office of the General Counsel teams.
  • Moderate contact with Firm’s attorneys and client representatives.
  • Occasional contact with Firm Management.

This position requires contact with individuals outside the firm as follows:

  • Moderate contact with Firm vendors or potential vendors.
  • Moderate contact with Firm clients

Physical Requirements

  • Must be able to routinely lift and carry event materials and other items up to 10 pounds.
  • Must be able to work at a computer for extensive periods of time.
  • Position requires extensive telephone use.
  • Must be able to lift, squat, kneel and bend.
  • Position requires the ability to visit face-to-face and on the phone with firm lawyers.

Working Conditions and Environment

  • Position is full-time and requires a five-day work week and standard hours as outlined in the Firm policy manual. Additional hours, including weekend and evening hours may be required to perform the essential functions of the job.
  • Must be able to perform essential duties of the position with time constraints and frequent interruptions. 
  • Ability to work well in high pressure environments.
  • 24x7 communication access is required.
  • This position is fully remote. You will be required to come to the office periodically for team meetings or when there is a business or client need.
  • There is potential for travel when needed for team meetings, onsite assessments etc. when there is a business or client need.
  • When working remotely, you must have secure and reliable internet service and a safe, private workspace from which to work.

Baker Botts L.L.P. is an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, gender, sex, age, religion, creed, national origin, citizenship, marital status, sexual orientation, disability, medical condition, military and veteran status, gender identity or expression, genetic information, or any other basis protected by federal, state, or local law.

Salary.com Estimation for Client & Vendor Risk Manager in Dallas, TX
$133,515 to $162,906
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Client & Vendor Risk Manager?

Sign up to receive alerts about other jobs on the Client & Vendor Risk Manager career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$122,325 - $159,127
Income Estimation: 
$131,676 - $196,560
Income Estimation: 
$176,392 - $248,211
Income Estimation: 
$163,962 - $219,201
Income Estimation: 
$152,549 - $188,894
Income Estimation: 
$194,072 - $240,547
Income Estimation: 
$135,994 - $168,063
Income Estimation: 
$161,209 - $233,553
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Default Brand -BB LOGO

  • Default Brand -BB LOGO Houston, TX
  • ABOUT BAKER BOTTS Baker Botts is a leading international law firm recognized for its deep understanding of the industries it serves. With offices across ma... more
  • 5 Days Ago

  • Default Brand -BB LOGO Austin, TX
  • The Austin Office of Baker Botts LLP is currently seeking an Office Services Assistant. The candidate will perform a variety of messenger and inside delive... more
  • 14 Days Ago

  • Default Brand -BB LOGO Dallas, TX
  • ABOUT BAKER BOTTS Baker Botts is a leading international law firm recognized for its deep understanding of the industries it serves. With offices across ma... more
  • 14 Days Ago


Not the job you're looking for? Here are some other Client & Vendor Risk Manager jobs in the Dallas, TX area that may be a better fit.

  • Marsh Risk Dallas, TX
  • Customer and client expectations are constantly evolving. Companies are merging at historic rates. Technology is developing faster than the market can keep... more
  • 19 Days Ago

  • Hilltop Holdings Dallas, TX
  • Hilltop Holdings is looking for a Vendor Risk Analyst to assist in maintaining, executing, and enhancing our Vendor Risk Management Program. Responsibiliti... more
  • 3 Days Ago

AI Assistant is available now!

Feel free to start your new journey!