Lead, Third Party Risk Management (TPRM)

Help us change lives

At Exact Sciences were helpingchange how the world prevents detects and guides treatment for cancer. We give patients and clinicians the clarity needed to make confident decisions when they matter most. Join our team to find a purpose-driven career an inclusive culture and robust benefits to support your life while youre working to help others.

Position Overview

The Lead TPRM will be responsible for redesigning implementing and continuously improving the Third-Party Risk Management program across Exact Sciences. This role will serve as a central point of coordination between privacy cybersecurity quality procurement and other due diligenceteams to ensure third-party engagements meet regulatory compliance and internal policy requirements. The role will also support broader Enterprise Risk Management (ERM) efforts by aligning third-party risk practices with enterprise-wide risk frameworks.

Essential Duties

Include but are not limited to the following:

Program Leadership & Strategy

• Lead the development and execution of a centralizedThird-Party Risk Management (TPRM) framework and corresponding workflows defining the appropriate tools to best facilitate the process.
• Facilitate cross-functional working sessions to identify and address supplier risk assessment gaps including tiering policy creation education/training and governance.
• Lead Cross-Functional teams to define highest risk profile criteria and partner with business leaders to gain alignment on no go positions
• Facilitate senior leader risk summaries to identify risk and establish/track program metrics promoting business owner acceptance of risk profiles within third party relationships.

Risk Assessment & Due Diligence

• Ensure compliance with KPIs and SLAs for daily operations across teams ensuring measurable outcomes are achieved.
• Act as a point of escalation for the operational teams to ensure expediency while balancing risk to the organization.
• Lead large one-time risk reviews related to M&A activity assessing third-party vendor risk in acquired entities and building corresponding mitigation plans to get new partner aligned with EXAS standards

Monitoring & Reassessment

• Implement automated reassessment workflows based on third-party risk posture and material relationship changes.
• Track residual risks and ensure ongoing remediation and control effectiveness.

Stakeholder Engagement

• Educate business owners on TPRM timelines SLA expectations and questionnaire completion responsibilities.
• Work as the central liaison between risk partners to define workflow enhancements and corresponding communication plans to drive organization policy creation & adherence
• Collaborate with internal teams to ensure alignment on privacy cybersecurity quality procurement and other due diligenceteams.
• Establish and facilitate executive level risk committeeto address and ensure action for escalated risk situations.

Reporting & Governance

• Develop dashboards and reporting mechanisms to monitor third-party risk status organizationalrisk exposure and program performance
• Support OE governance efforts by aligning TPRM activities with broader operational excellence goals.

Supplier Risk Process Optimization

• Collaborate with risk partners to redefine the supplier risk assessment process to be fit-for-purpose in collaboration with cross-functional risk partners ensuring it reflects the complexity and criticality of third-party engagements while remaining scalable and efficient.
• Act as a thought leader and change agent to foster a culture of risk awareness and accountability especially in emerging exposure areas with international expansion and global services.

• Uphold company mission and values through accountability innovation integrity quality and teamwork.
• Support and comply with the companys Quality Management System policies and procedures.
• Maintain regular and reliable attendance.
• Ability to act with an inclusion mindset and model these behaviors for the organization.

Minimum Qualifications

• Bachelors degree in business Risk Management Information Security or related field; masters preferred.
• 7 years of experience in risk management compliance or vendor oversight.
• Familiarity with regulatory frameworks (e.g. GDPR HIPAA HITRUST).
• Strong understanding of and experience with aligning risk with business strategy
• Experience with TPRM platforms (e.g. OneTrust Coupa) and risk assessment methodologies.
• Strong analytical communication and stakeholder management skills.
• Strong leadership and project management abilities. Including the ability to effectively manage stakeholder relationships and have accountability in tracking and achieving team goals.
• Ability to work collaboratively with cross-functional teams and mobilize and engage team members.
• Demonstrated ability to perform the essential duties of the position with or without accommodation.
• Authorization to work in the United States without sponsorship.

Preferred Qualifications

• Certifications such as CTPRP CISA CISSP or CRISC.

Salary Range:

Exact Sciences is proud to offer an employee experience that includes paid time off (including days for vacation holidays volunteering and personal time) paid leave for parents and caregivers a retirement savings plan wellness support and health benefits including medical prescription drug dental and vision coverage. Learn more about our benefits.

Our success relies on the experiences and perspectives of a diverse team and Exact Sciences fosters a culture where all employees can develop personally and professionally with a sense of respect and belonging. If you require an accommodation please contact us here.

Not ready to apply Join our Talent Community to stay updated on the latest news and opportunities at Exact Sciences.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to disability protected veteran status and any other status protected by applicable local state or federal law.

To view the Right to Work E-Verify Employer and Pay Transparency notices and Federal Federal Contractor and State employment law posters visit our compliance hub. The documents summarize important details of the law and provide key points that you have a right to know.