Manager, Third Party Risk Management (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Manager, Third Party Risk Management (Cybersecurity): Leading a team of TPRM analysts to assess and manage risks within the third-party vendor ecosystem with an accent on scalability, automation, and GRC program maturity. Focus on integrating AI-driven capabilities, optimizing ServiceNow workflows, and enforcing cybersecurity policies across the organization.
Location: Must be based in the USA (Remote)
Salary: $125,000 - $180,000 per year
Company
CrowdStrike is a global leader in cybersecurity providing an AI-native platform to stop breaches and protect modern organizations across all industries.
What you will do
- Lead, mentor, and develop a team of 4 TPRM professionals, fostering a culture of accountability and operational excellence.
- Oversee end-to-end third-party risk assessments, including inherent risk tiering, due diligence, and control evaluations.
- Partner with Procurement, Legal, IT, and Security stakeholders to embed risk considerations into the vendor engagement process.
- Drive the implementation of automation and AI-driven capabilities within ServiceNow TPRM to enhance risk scoring and workflow efficiency.
- Develop and maintain TPRM policies and standards aligned with NIST CSF, ISO 27001, and SOC 2 frameworks.
- Define and track KPIs and metrics to demonstrate program maturity and effectiveness to senior leadership.
Requirements
- Must be based in the United States.
- 10+ years of experience in Third Party Risk Management, GRC, or information security risk.
- 3+ years of people management experience with a proven ability to lead teams.
- Hands-on experience with the ServiceNow Third Party Risk Management (TPRM) module.
- Strong understanding of security frameworks including NIST CSF, ISO 27001, SOC 2, and NIST 800-53.
- Experience driving process improvement, automation, or operational efficiency initiatives.
Nice to have
- Experience with cloud environments and CrowdStrike products.
- Practical experience in Software Development and Secure Coding best practices.
- Experience performing integration risk assessments and threat modeling for third-party software.
- Experience working with leading GRC products.
Culture & Benefits
- Competitive compensation and equity awards.
- Comprehensive physical and mental wellness programs.
- Competitive vacation and holiday policy for recharge.
- Paid parental and adoption leaves.
- Professional development opportunities available for all employees regardless of level.
- Vibrant office culture with world-class amenities.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →