Third-Party Risk Management (TPRM) - GRC
Job Description:
Job Title: Third-Party Risk Management (TPRM) - GRC
Primary Location: REMOTE
Position Type: DIRECT HIRE
Overview
TalentFish is casting a line for a Third-Party Risk Management (TPRM) GRC - Cybersecurity. This is a remote, direct-hire role.
This is a new role. You will lead, develop, and manage a comprehensive Third-Party Risk Management (TPRM) security program in alignment with organizational cybersecurity, compliance, legal, and procurement functions. This role is responsible for building and managing TPRM policies, processes, and team operations to ensure third-party vendors meet established security standards.
What You Bring to the Role (Ideal Experience)
Bachelor's degree required.
8+ years of relevant experience in security policy creation, auditing methodology, technology risk management, or third-party risk management.
Strong knowledge of cybersecurity controls, compliance, governance, and vendor risk analysis.
Experience sourcing, analyzing, negotiating, selecting, and managing third-party vendors.
Proven leadership experience, including managing and mentoring cybersecurity teams.
Excellent verbal and written communication skills, with the ability to present to senior leadership and stakeholders.
Self-starter who thrives in a collaborative, cross-functional environment.
Experience with Federal and State regulations, including HIPAA, SOX, and FERPA.
Familiarity with frameworks such as NIST, HITRUST, PCI, ISO, SOC 2, ITIL, and COSO.
Preferred: 3+ years of progressive GRC experience in a healthcare environment.
Preferred: Relevant certifications such as CISM, CISSP, ISSMP, or CCISO.
What You'll Do (Skills Used in this Position)
Lead the development, implementation, and continuous improvement of the organization's TPRM program.
Supervise and guide a team of cybersecurity analysts executing third-party risk assessments and governance.
Manage TPRM technology tools, processes, and vendor security review workflows.
Interpret, analyze, and report on vendor security assessments and identify areas for remediation or enhancement.
Maintain and enforce adherence to third-party security policies and standards.
Collaborate with cross-functional teams, including cybersecurity leadership, legal, procurement, and compliance.
Provide meaningful risk mitigation recommendations to strengthen third-party security posture.
Manage the lifecycle of vendor security questionnaires, evaluations, and remediation tracking.
Create and deliver regular governance reporting to internal stakeholders and leadership.
Develop and execute roadmaps for the maturity and scaling of the TPRM program.
Support internal training and awareness efforts related to vendor security and TPRM processes.
Stay up to date on emerging TPRM practices, regulatory changes, and cybersecurity trends.
Participate in vendor risk assessments covering a range of topics, including data privacy, geography, insurance coverage, and performance.
Compensation Information
The expected salary range for this position is $115,000.00 - $194,000.00 (Midpoint 150K), depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided complies with applicable state and federal regulations.
This role requires authorization to work in the U.S. without current or future visa sponsorship.
All offers are contingent upon the completion of a background check, which may include but is not limited to: reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws.
TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible.
At TalentFish, we are an Equal Opportunity Employer; we embrace and encourage diversity!
Salary Package:
$115,000.00 - $194,000.00 (US Dollar)