$120K - 160K a year
Develop and manage the third-party risk management program, lead a team, oversee vendor security reviews, and collaborate with stakeholders to ensure compliance and risk mitigation.
8+ years in security policy and third-party risk management, bachelor's degree, strong communication skills, knowledge of cybersecurity controls and regulations including HIPAA and SOX.
Cybersecurity 3rd Party Risk Manager:
On behalf of our healthcare client, Procom is searching for a Cybersecurity 3rd Party Risk Manager for a permanent role. This position is a remote position with the location based in Chicago, Illinois.

Cybersecurity 3rd Party Risk Manager - Job Description:
The Cybersecurity 3rd Party Risk Manager is responsible for developing, implementing, and maintaining the third-party risk management (TPRM) security program. This role involves close collaboration with Cybersecurity leadership, Legal, Corporate Compliance, Sourcing/Procurement, and other stakeholders to ensure effective implementation and operation of third-party information security.

Cybersecurity 3rd Party Risk Manager - Responsibilities:
• Collaborate with Cybersecurity leadership to develop and mature the TPRM program through effective governance and vendor management security controls.
• Manage a team of cybersecurity analysts responsible for executing the TPRM program vision.
• Ensure adherence to third-party risk management policies and standards.
• Oversee TPRM technology and toolsets that support the program.
• Conduct security reviews of new and existing technology vendors regularly.
• Prepare governance reports and make recommendations for improvement.
• Foster relationships with internal and external stakeholders.
• Work with Cybersecurity GRC to track vendor risks and exceptions.
• Develop roadmaps for TPRM maturity and lead related projects and initiatives.
• Perform TPRM risk assessments with IT management, risk managers, and legal counsel.

Cybersecurity 3rd Party Risk Manager - Mandatory Skills:
• Bachelor's degree.
• 8+ years of experience in security policy creation, technology risk management, and/or third-party risk management.
• Excellent verbal and written communication skills.
• Ability to work independently and manage frameworks and programs.
• Strong prioritization, multi-tasking, and time management skills.
• Knowledge of cybersecurity controls, compliance, and governance.
• Understanding of Federal and State regulations, including HIPAA, SOX, and FERPA.

Cybersecurity 3rd Party Risk Manager - Nice-to-Have Skills:
• 3+ years of GRC experience in a healthcare setting.
• Security industry certifications such as CISM, CISSP, ISSMP, or CCISO.
• Knowledge of industry frameworks like NIST, HITRUST, PCI, ISO, SOC 2, ITIL, and COSO.
• Excellent interpersonal skills for effective communication with all levels of personnel.
• Ability to source, analyze, and manage third-party vendors.

Cybersecurity 3rd Party Risk Manager - Assignment Length:
This is a permanent position.

Cybersecurity 3rd Party Risk Manager - Start Date:
ASAP.

Cybersecurity 3rd Party Risk Manager - Assignment Location:
Remote position based in Chicago, Illinois, United States.
This job posting was last updated on 10/21/2025