Third-Party Risk Management Specialist

RxSense
Summary
Join RxSense, a leading healthcare technology company, as a Third-Party Risk Management Specialist and contribute to their Information Security team. You will play a crucial role in safeguarding the privacy, confidentiality, integrity, and availability of information and systems across the organization. Your primary focus will be conducting vendor assessments, identifying third-party risks, and recommending mitigation strategies. This role requires a strong background in Third-Party Risk Management (TPRM) and experience working with industry-standard frameworks. You will be responsible for leading and managing third-party risk assessments, evaluating and monitoring third-party controls, collaborating with various departments, maintaining compliance with relevant standards, and supporting audits and compliance initiatives related to vendor management and security.
Requirements
- 2+ years of experience with all aspects of TPRM
- Must maintain a clean and presentable appearance and work environment for video calls
- Excellent verbal and written communication skills
- Customer service orientation (e.g., patience, positive customer-friendly attitude, active listening, empathy, professionalism, etc.)
- Strong attention to detail
- Ability to manage multiple responsibilities and competing priorities, constantly reprioritizing based on new information or shifting deadlines
- Strong desire to learn new technologies, frameworks, and standards
- Maintain current skills and strive to acquire new knowledge based on current industry trends
- Highly motivated self-starter and independent worker who can produce high-level results consistently with minimal supervision
- Must work well in a team environment and participate in working meetings over Zoom (or equivalent)
- Capable of analyzing data to evaluate risk and compliance
- Ability to travel when required for audits
- Bachelor's degree or equivalent years of industry experience
Responsibilities
- Lead and manage third-party risk assessments, ensuring vendors meet security and compliance standards
- Evaluate and monitor third-party controls to identify potential risks and recommend mitigation strategies
- Collaborate with legal, IT and business units to align vendor onboarding and risk processes
- Maintain compliance with SOC1, SOC2, HIPAA, HITRUST and ISO 27001
- Assist in the development and maintenance of policies, procedures, and standards related to third-party security
- Maintain inventory of third parties
- Track remediation efforts for identified vendor risks and ensure timely resolution
- Collaborate with the GRC Manager to continuously enhance and mature the TPRM Program
- Support audits and compliance initiatives related to vendor management and security
- Develop relationships within the team and across departments to encourage cooperation, communication, and respect
Preferred Qualifications
- Security Certifications a plus
- Governance, Risk, and Compliance (GRC) experience a plus
- Basic Knowledge of information security frameworks (e.g., ISO 27001, HITRUST, and SOC 2) and regulatory requirements such as HIPAA a plus

