Planned Parenthood Federation of America is hiring a
Senior Specialist Information Security Third Party Risk Management in United States

Summary

The job is for an Associate Director, Third Party InfoSec Risk at Planned Parenthood Federation of America (PPFA) and Planned Parenthood Action Fund (PPAF). The role involves managing third-party risks, developing strategies, and working with various teams. This is a telecommuter position with a salary range of $87,000 - $97,000 per year.

Requirements

• Bachelor’s degree and 2+ years of experience in a financial services, consulting organization, information security, risk management, or audit role
• Two (2) years of working in third-party risk management, assessment, governance, procurement, or related experience
• Two (2) years of vendor management, supplier management, or related experience
• Experience with program development and implementing standard operating procedures
• Experience in basic contract management which includes reviewing contracts, understanding basic terms and general contract language, especially legal documents that require data privacy and security language
• Ability to work in a dynamic, fast-paced environment, managing competing cross-functional priorities and complex requirements

Responsibilities

• Deliver by utilizing third-party assessment tools and implementing processes to support the Third Party Assessment Program for PPFA and Affiliates
• Educate staff and Affiliates on the importance of Third Party Risk Management, the due diligence process, and how to leverage the results of third-party assessment tools
• Proactively monitor the performance of the Program using KPIs, KRIs, SLAs, and risk ratings, escalating issues to management as appropriate
• Develop a long-term dynamic strategy for the growth and maturation of the third-party risk management program in conjunction with rising novel cybersecurity threats in the healthcare industry
• Facilitate regular communication concerning third-party performance and risk trends to relevant committees, senior management, and executive sponsors
• Identify and execute continuous process improvements to drive effective third-party risk capabilities across the Federation
• Maintain report metrics data around third-party risk management activities on a regular frequency and/or as needed
• Support the maintenance of a centralized vendor database and repository to centralize information and increase data accuracy and visibility

Preferred Qualifications

Industry certification preferred (e.g. CISA, CISM, CRISC)

Benefits

• Generous vacation + sick leave + paid holidays
• Individual/family provided medical, dental and vision benefits effective day 1
• Life insurance
• Short/long term disability
• Paid family leave
• 401k
• Voluntary opt-in for Flexible Spending Account (FSA) and Transportation/Commuter accounts