Seeking a professional to review supplier documents such as security reports and architecture diagrams, and collaborate with departments like Procurement, Privacy, and Legal.
Compile findings into risk reports, monitor supplier changes and risk indicators, and oversee remediation actions to enhance supplier performance.
Define and track risk management activities, create program reports, and maintain accurate supplier data.
Provide guidance and training on risk policies.
Requirements include a Bachelor's in Business Information Systems or similar, at least four years of related experience with a focus on third-party risk management, understanding of security standards (e.g., NIST, ISO, GDPR), and familiarity with tools like OneTrust.
Certifications such as CISA, CISM, or CISSP are preferred. Experience in higher education or research institutions and knowledge of legal/regulatory environments are a plus.
Strong communication, attention to detail, and the ability to work independently or in teams are essential.