Manager – Cybersecurity Third Party Risk

Job not on LinkedIn

🔥 6 minutes ago

🐊 Florida, Nevada, +2 more states – Remote

🐊 Florida – Remote 🎰 Nevada – Remote ⚔️ Virginia – Remote ⛰️ West Virginia – Remote

💵 $116.7k - $216.8k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Sentara Health

WebsiteLinkedInAll Job Openings

10,000+ employees

Founded 1890

⚕️ Healthcare Insurance

Healthcare Insurance

Sentara Health is a leading healthcare system that operates over 300 sites of care in Virginia and northeastern North Carolina, including 12 acute care hospitals. The company is dedicated to providing exceptional patient care, fostering professional development, and maintaining a diverse workforce. Sentara Health aims to improve health every day and has been recognized for its clinical and operational performance, being named one of the top 15 health systems by IBM Watson Health. The organization supports its employees in achieving their full potential and encourages growth and innovation in the healthcare sector.

📋 Description

• Develop, enhance and execute the third-party risk management program including onboarding, maintenance and ongoing monitoring, and offboarding of third-party suppliers. • Identify and categorize third party vendors based on risk, understanding and prioritizing the risks. • Establish and enforce key controls to mitigate the risk. • Perform continuous monitoring that tracks and reassesses third parties. • Ensure third party contractual compliance with Sentara policy and standards. • Negotiate and maintain the information security exhibit with the vendors through the contracting process. • Regularly interact with all levels of management to present and discuss third-party risk management. • Conduct comprehensive risk assessments of third-party vendors based on risk. • Manage a team of assessors for performing vendor assessments and vendor contracts negotiations. • Analyze and prioritize risks based on their potential impact on the organization’s operations, data, and reputation. • Develop and streamline the third-party risk management process. • Identify and assess vulnerabilities within vendor systems, networks, and applications. • Collaborate with cross-functional teams, including IT, security, and compliance, to develop and implement risk mitigation strategies. • Prepare detailed third-party risk assessment reports, including findings, recommendations, and mitigation plans, for presentation to management. • Maintain accurate and up-to-date documentation of third-party risk assessment activities, findings, and risk treatment plans. • Assist in audits and assessments to demonstrate compliance with cybersecurity standards.

🎯 Requirements

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (preferred) • 7+ years of experience in cybersecurity, with at least 3 years in risk management (Experience in lieu of Bachelor's Degree) • Certification/Licensure: CISSP (Preferred) • Certification/Licensure: CISM (Preferred) • Certification/Licensure: CRISC (Preferred) • Certification/Licensure: CISA (Preferred) • 5+ years of experience in cybersecurity, with at least 3 years in risk management with a degree (Required) • 7+ years of experience in cybersecurity, with at least 3 years in risk management without a degree (Required) • Strong understanding of cybersecurity principles, risk assessment methodologies, and threat landscape analysis. • Proficiency in performing third-party risk assessments and negotiating contractual security language. • Knowledge of regulatory compliance requirements and industry standards. • Excellent analytical and problem-solving skills. • Effective communication and interpersonal abilities to collaborate with multidisciplinary teams. • Experience in healthcare or other highly regulated industries preferred. • Deep understanding of cybersecurity frameworks (NIST CSF, NIST 800-53, ISO 27001, HITRUST). • Knowledge of healthcare regulations (HIPAA, HITECH) and their technical requirements. • Familiarity with risk assessment methodologies and tools. • Understanding of security technologies, controls, and best practices. • Experience with GRC (Governance, Risk, and Compliance) platforms such as ServiceNOW, OneTrust.

🏖️ Benefits

• Medical, Dental, Vision plans • Adoption, Fertility and Surrogacy Reimbursement up to $10,000 • Paid Time Off and Sick Leave • Paid Parental & Family Caregiver Leave • Emergency Backup Care • Long-Term, Short-Term Disability, and Critical Illness plans • Life Insurance • 401k/403B with Employer Match • Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education • Student Debt Pay Down – $10,000 • Reimbursement for certifications and free access to complete CEUs and professional development • Pet Insurance • Legal Resources Plan • Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.