Third-Party Risk Management Specialist


RxSense

💵 $85k-$105k
📍 Remote - United States

Summary

Join RxSense, a leading healthcare technology company, as a Third-Party Risk Management Specialist and contribute to their Information Security team. You will play a crucial role in safeguarding the privacy, confidentiality, integrity, and availability of information and systems across the organization. Your primary focus will be conducting vendor assessments, identifying third-party risks, and recommending mitigation strategies. This role requires a strong background in Third-Party Risk Management (TPRM) and experience working with industry-standard frameworks. You will be responsible for leading and managing third-party risk assessments, evaluating and monitoring third-party controls, collaborating with various departments, maintaining compliance with relevant standards, and supporting audits and compliance initiatives related to vendor management and security.

Requirements

  • 2+ years of experience with all aspects of TPRM
  • Must maintain a clean and presentable appearance and work environment for video calls
  • Excellent verbal and written communication skills
  • Customer service orientation (e.g., patience, positive customer-friendly attitude, active listening, empathy, professionalism, etc.)
  • Strong attention to detail
  • Ability to manage multiple responsibilities and competing priorities, constantly reprioritizing based on new information or shifting deadlines
  • Strong desire to learn new technologies, frameworks, and standards
  • Maintain current skills and strive to acquire new knowledge based on current industry trends
  • Highly motivated self-starter and independent worker who can consistently produce high-level results with minimal supervision
  • Must work well in a team environment and participate in working meetings over Zoom (or equivalent)
  • Capable of analyzing data to evaluate risk and compliance
  • Ability to travel when required for audits
  • Bachelor’s degree or equivalent years of industry experience

Responsibilities

  • Lead and manage third-party risk assessments, ensuring vendors meet security and compliance standards
  • Evaluate and monitor third-party controls to identify potential risks and recommend mitigation strategies
  • Collaborate with legal, IT and business units to align vendor onboarding and risk processes
  • Maintain compliance with SOC1, SOC2, HIPAA, HITRUST and ISO 27001
  • Assist in the development and maintenance of policies, procedures, and standards related to third-party security
  • Maintain inventory of third parties
  • Track remediation efforts for identified vendor risks and ensure timely resolution
  • Collaborate with the GRC Manager to continuously enhance and mature the TPRM Program
  • Support audits and compliance initiatives related to vendor management and security
  • Develop relationships within the team and across departments to encourage cooperation, communication, and respect

Preferred Qualifications

  • Security certifications a plus
  • Governance, Risk, and Compliance (GRC) experience a plus
  • Basic knowledge of information security frameworks (e.g., ISO 27001, HITRUST, and SOC 2) and regulatory requirements such as HIPAA a plus
