Third-Party Risk Management Specialist

closed
RxSense

💵 $85k-$105k
📍 Remote - United States

Summary

Join RxSense, a leading healthcare technology company, as a Third-Party Risk Management Specialist and contribute to their Information Security team. You will play a crucial role in safeguarding the privacy, confidentiality, integrity, and availability of information and systems across the organization. Your primary focus will be conducting vendor assessments, identifying third-party risks, and recommending mitigation strategies. This role requires a strong background in Third-Party Risk Management (TPRM) and experience working with industry-standard frameworks. You will be responsible for leading and managing third-party risk assessments, evaluating and monitoring third-party controls, collaborating with various departments, maintaining compliance with relevant standards, and supporting audits and compliance initiatives related to vendor management and security.

Requirements

  • 2+ years of experience with all aspects of TPRM
  • Must maintain a clean and presentable appearance and work environment for video calls
  • Excellent verbal and written communication skills
  • Customer service orientation (e.g., patience, positive customer-friendly attitude, active listening, empathy, professionalism, etc.)
  • Strong attention to detail
  • Ability to manage multiple responsibilities and competing priorities, constantly reprioritizing based on new information or shifting deadlines
  • Strong desire to learn new technologies, frameworks, and standards
  • Maintain current skills and strive to acquire new knowledge based on current industry trends
  • Highly motivated self-starter and independent worker who can consistently produce high-level results with minimal supervision
  • Must work well in a team environment and participate in working meetings over Zoom (or equivalent)
  • Capable of analyzing data to evaluate risk and compliance
  • Ability to travel when required for audits
  • Bachelor's degree or equivalent years of industry experience

Responsibilities

  • Lead and manage third-party risk assessments, ensuring vendors meet security and compliance standards
  • Evaluate and monitor third-party controls to identify potential risks and recommend mitigation strategies
  • Collaborate with legal, IT and business units to align vendor onboarding and risk processes
  • Maintain compliance with SOC1, SOC2, HIPAA, HITRUST and ISO 27001
  • Assist in the development and maintenance of policies, procedures, and standards related to third-party security
  • Maintain inventory of third parties
  • Track remediation efforts for identified vendor risks and ensure timely resolution
  • Collaborate with the GRC Manager to continuously enhance and mature the TPRM Program
  • Support audits and compliance initiatives related to vendor management and security
  • Develop relationships within the team and across departments to encourage cooperation, communication, and respect

Preferred Qualifications

  • Security Certifications a plus
  • Governance, Risk, and Compliance (GRC) experience a plus
  • Basic knowledge of information security frameworks (e.g., ISO 27001, HITRUST, and SOC 2) and regulatory requirements such as HIPAA a plus
This job is filled or no longer available