Third-Party Risk Management GRC

Job Location:

Chicago, IL - USA

Yearly Salary: $115,000 - $194,000
Posted on: 30+ days ago
Vacancies: 1 Vacancy

Job Summary

Job Title: Third-Party Risk Management (TPRM) - GRC -
Primary Location: REMOTE
Position Type: DIRECT HIRE


Overview

TalentFish is casting a line for a Third-Party Risk Management (TPRM) GRC - Cybersecurity. This is a remote direct-hire role.

This is a new role. You will lead, develop, and manage a comprehensive Third-Party Risk Management (TPRM) security program in alignment with organizational cybersecurity, compliance, legal, and procurement functions. This role is responsible for building and managing TPRM policies, processes, and team operations to ensure third-party vendors meet established security standards.

What You Bring to the Role (Ideal Experience)

  • Bachelor's degree required.

  • 8 years of relevant experience in security policy creation, auditing methodology, technology risk management, or third-party risk management.

  • Strong knowledge of cybersecurity controls, compliance, governance, and vendor risk analysis.

  • Experience sourcing, analyzing, negotiating, selecting, and managing third-party vendors.

  • Proven leadership experience, including managing and mentoring cybersecurity teams.

  • Excellent verbal and written communication skills, with the ability to present to senior leadership and stakeholders.

  • Self-starter who thrives in a collaborative, cross-functional environment.

  • Experience with Federal and State regulations, including HIPAA, SOX, and FERPA.

  • Familiarity with frameworks such as NIST, HITRUST, PCI, ISO, SOC 2, ITIL, and COSO.

  • Preferred: 3 years of progressive GRC experience in a healthcare environment.

  • Preferred: Relevant certifications such as CISM, CISSP, ISSMP, or CCISO.

What You'll Do (Skills Used in this Position)

  • Lead the development, implementation, and continuous improvement of the organization's TPRM program.

  • Supervise and guide a team of cybersecurity analysts executing third-party risk assessments and governance.

  • Manage TPRM technology tools, processes, and vendor security review workflows.

  • Interpret, analyze, and report on vendor security assessments and identify areas for remediation or enhancement.

  • Maintain and enforce adherence to third-party security policies and standards.

  • Collaborate with cross-functional teams, including cybersecurity leadership, legal, procurement, and compliance.

  • Provide meaningful risk mitigation recommendations to strengthen third-party security posture.

  • Manage the lifecycle of vendor security questionnaires, evaluations, and remediation tracking.

  • Create and deliver regular governance reporting to internal stakeholders and leadership.

  • Develop and execute roadmaps for the maturity and scaling of the TPRM program.

  • Support internal training and awareness efforts related to vendor security and TPRM processes.

  • Stay up to date on emerging TPRM practices, regulatory changes, and cybersecurity trends.

  • Participate in vendor risk assessments covering a range of topics, including data privacy, geography, insurance coverage, and performance.

Compensation Information

The expected salary range for this position is $115,000.00 - $194,000.00 (Midpoint 150K), depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided complies with applicable state and federal regulations.

This role requires authorization to work in the U.S. without current or future visa sponsorship.

All offers are contingent upon the completion of a background check, which may include, but is not limited to: reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws.

TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI video screening and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible.

At TalentFish, we are an Equal Opportunity Employer; we embrace and encourage diversity!
