Job Description
We are seeking a hands-on Third Party Risk Manager with a strong cybersecurity focus to help design, operationalize, and mature an evolving Third Party Risk Management (TPRM) program. This individual will own vendor cyber risk throughout the lifecycle (due diligence, tiering, onboarding, continuous monitoring, and issue management) while working within an existing but loosely structured framework across Procurement, Compliance, and IT Operations.
Key Responsibilities
• Design and mature a cyber-focused TPRM program in an immature-to-developing state.
• Perform vendor due diligence, including review of SOC 1 / SOC 2 Type II reports, security questionnaires, and regulatory requirements.
• Establish and execute a three-tier vendor risk model (High / Medium / Low) based on criticality and cyber exposure.
• Develop a unified operating plan for vendor onboarding, monitoring, and risk escalation.
• Determine when and how to challenge vendors on con...