About the Role
The role involves managing third-party risk within the information security program by evaluating vendor security practices, conducting risk assessments, and ensuring alignment with regulatory and organizational requirements.
Responsibilities
- Evaluate security controls of external vendors and partners
- Perform risk assessments for third-party service providers
- Maintain documentation of vendor risk profiles and findings
- Collaborate with procurement and legal teams during vendor onboarding
- Monitor ongoing compliance of third parties with security policies
- Identify and report potential security vulnerabilities in vendor systems
- Support audits and reviews related to third-party engagements
- Develop and maintain risk scoring methodologies for vendors
- Track remediation efforts for identified vendor risks
- Ensure adherence to data privacy regulations in vendor contracts
- Facilitate security questionnaires and due diligence processes
- Provide guidance on acceptable risk levels for vendor relationships
- Stay current with evolving third-party threat landscapes
- Contribute to improvements in vendor risk management frameworks
- Communicate risk findings to stakeholders and leadership
- Assist in the development of security policies for third parties
- Analyze vendor security certifications and audit reports
- Coordinate responses to vendor-related security incidents
- Promote consistent application of security standards across departments
- Support integration of risk tools and vendor management platforms
- Engage with vendors to clarify security requirements
- Escalate critical risks to appropriate teams and executives
- Maintain an inventory of active third-party relationships
- Conduct periodic reassessments of high-risk vendors
- Align vendor risk practices with industry standards and frameworks
Compensation
Competitive salary and comprehensive benefits package
Work Arrangement
Hybrid work model with flexible scheduling options
Team
Collaborative environment within the information security team
About Us
This organization advances sexual health and rights through clinical services, education, and advocacy. It operates with a commitment to equity, access, and dignity for all individuals, particularly underserved communities. The work environment emphasizes collaboration, inclusion, and mission alignment.
Commitment to Equity
Diversity, equity, and inclusion are central to operations and culture. The organization actively fosters an environment where differences are respected and all team members can contribute meaningfully. Efforts are made to address systemic barriers in both services and workplace practices.
Not available for this position
