Chief Information Security Officer

Third-Party Risk Management Leadership Opportunity

We are seeking a highly skilled and experienced Senior Manager to spearhead our third-party risk management program within the Information Security team.

The ideal candidate will have a proven track record in information security risk management and expertise with industry frameworks (NIST, ISO, COSO, HITRUST, FAIR).

They will be responsible for designing and implementing our third-party risk management framework from the ground up, developing risk appetite strategies, and overseeing security assessments using OneTrust.

In addition, the successful candidate will collaborate with legal teams, stakeholders, and executives on critical security decisions, build scalable models, establish reporting processes, and create meaningful dashboards for leadership.

They will also stay ahead of emerging threats and regulatory requirements (PCI, GDPR, HIPAA, CCPA) and have hands-on experience with GRC tools (OneTrust, Security Scorecard, BitSight).

Requirements:

• \
• Proven track record in information security risk management\
• Expertise with industry frameworks (NIST, ISO, COSO, HITRUST, FAIR)\
• Hands-on experience with GRC tools (OneTrust, Security Scorecard, BitSight)\
• Experience building third-party risk management programs\
• Bachelor's in Computer Science, Engineering, or equivalent experience\
• CISA, CRISC, CISM, or CISSP certification preferred\
• Exceptional communication and organizational abilities\
• Self-motivated with strong problem-solving capabilities\
• Strategic thinking with global risk management experience\
• Ready to make their mark in cybersecurity risk management?\
• Share their resume to discuss how they can help build the future of third-party risk management\
• Stay ahead of emerging threats and regulatory requirements (PCI, GDPR, HIPAA, CCPA)\
• Industry leadership and strategic impact required\
• Security jobs and third-party risk management opportunities available\
• Cybersecurity and risk management skills essential\
• Lead and innovate in the field of cybersecurity risk management\
• Strong problem-solving and communication skills required\
• Job description: Cybersecurity risk management senior manager\
• Key responsibilities: Third-party risk management leadership\
• Collaborate with legal teams and stakeholders on critical security decisions\
• Develop risk appetite strategies and oversee security assessments\
• Build scalable models and establish reporting processes\
• Stay ahead of emerging threats and regulatory requirements\
• Experience with industry frameworks and GRC tools required\
• Industry leadership and strategic impact required\
• Job type: Full-time\
• Work environment: On-site\
• Language proficiency: English\
• Education level: Bachelor's degree or higher\
• Certifications: CISA, CRISC, CISM, CISSP\
• Skills: Communication, problem-solving, strategic thinking, global risk management\
• Work schedule: 40 hours per week\
• Location: [Location]\
• Travel: Up to 20% of work time may be spent traveling for business purposes\
• Relocation assistance: Yes\
• Employee benefits: Comprehensive health insurance, retirement plan, paid time off\
• Job category: IT and technology\
• Employer: [Employer name]\
• Company size: Large organization\
• Company type: Private company\
• Ref ID: #J-18808-Ljbffr\
• DE - BEBE1_DE\
• Category: Technology\
• Req Number: REQU00000\
• Division: Corporate Functions\
• Department: Information Security\
• Requisition ID: Req#12345\
• Business area: Information Security\
• Functional area: Third-Party Risk Management\
• Organization: Corporate Functions\
• Suborganization: Information Security\
• LOB: Corporate Functions\
• FTE ID: FTE001\
• JOBDISPLAYNAME: Senior Manager\
• PostTitle: Senior Manager\
• Purpose: The purpose of this job is to lead and innovate in the field of cybersecurity risk management.\
• Summary: We are looking for a highly skilled and experienced Senior Manager to lead our third-party risk management program within the Information Security team.\
• Knowledge, Skills, and Abilities:\
  • \
  • Strong knowledge of information security risk management principles and practices\
  • Excellent communication and interpersonal skills\
  • Ability to analyze complex data and make informed decisions\
  • Strong problem-solving and analytical skills\
  • Ability to work effectively in a team environment\
  • Strategic thinking and planning skills\
  • Leadership skills and ability to motivate and direct others\
  • Ability to develop and implement effective risk management strategies\
  • Knowledge of industry frameworks and standards (e.g., NIST, ISO, COSO, HITRUST, FAIR)\
  • Experience with GRC tools (e.g., OneTrust, Security Scorecard, BitSight)\
  • Ability to stay up-to-date with emerging trends and technologies in the field of cybersecurity risk management\
  • Strong understanding of regulatory requirements and industry standards\
  • Ability to develop and maintain effective relationships with internal and external stakeholders\
  • Strong analytical and problem-solving skills\
  • Ability to work in a fast-paced environment and prioritize multiple tasks and deadlines\
  • Leadership and teamwork skills\
  • Communication and presentation skills\
  • Project management skills\
  • Change management skills\
  • Coaching and mentoring skills\
  • Recruitment and talent management skills\
  • Operational management skills\
  • Financial management skills\
  • Planning and budgeting skills\
  • Monitoring and evaluation skills\
  • Reporting and analysis skills\
  • Process improvement skills\
  • Training and development skills\
  • Talent acquisition and retention skills\
  • Employee engagement and motivation skills\
  • Leadership and succession planning skills\
  • Strategy and change management skills\
  • Learning and development skills\
  • Mentoring and coaching skills\
  • Performance management skills\
  • Succession planning skills\
  • Public speaking skills\
  • Team leadership skills\
  • Decision-making skills\
  • Problem-solving skills\
  • Analysis and research skills\
  • Time management skills\
  • Effective communication skills\
  • Interpersonal skills\
  • Adaptability and flexibility\
  • Results-driven mindset\
  • Professional certification\
  • Relevant experience\
  • English language proficiency\
  • Industry certifications\
  • Professional network\
  • Online presence\
  • Transferable skills\
  • International experience\
  • Short-term goals\
  • Long-term goals\
  • Role model for leadership behavior\
  • Commitment to quality and excellence\
  • Quality mindset\
  • Standardized procedures\
  • Practice-oriented approach\
  • Methodical approach\
  • Highly organized and structured\
  • Accountability\
  • Result orientation\
  • Process optimization\
  • Regulatory compliance\
  • Improved efficiency\
  • Sustainable growth\
  • Regular communication\
  • Active listening\
  • Feedback provision\
  • Open-mindedness\
  • Flexibility\
  • Responsiveness\
  • Efficient decision-making\
  • Established decision-making process\
  • Measurable performance indicators\
  • Analytical thinking\
  • Flexible thinking\
  • Cost-efficient solutions\
  • Corporate social responsibility\
  • Social responsibility\
  • Well-being at work\
  • Balance between work and private life\
  • Commuting distance\
  • Best employee compensation\
  • Competitive salary range\
  • Professional development\
  • Flexible working conditions\
  • Supportive working atmosphere\
  • Productivity incentives\
  • Additional family leave\
  • Onboarding program\
  • Initial training\
  • Integration into existing project\
  • Working abroad\
  • Double earned income for international assignment\
  • Use of official car\
  • Telecommuting option\
  • Minimal commuting distance\
  • Merit-based remuneration system\
  • Consideration of individual circumstances\
  • Regular feedback sessions\
  • Compensation and performance review cycle\
  • Opportunities for professional growth\
  • Clear communication about expectations\
  • Recognition and rewards system\
  • Worldwide career opportunities\
  • Continuous learning opportunities\
  • Customizable workplace setup\
  • Reduced stress due to comprehensive work-life balance support\
  • Artificial intelligence used in the recruitment process\
  • Equal employment opportunity employer\
  • Transparency around pay structure and recognition programs\
  • Interesting projects and diverse challenges\
  • Clear task definition and prioritization\
  • Psychological safety\
  • Close collaboration with colleagues\
  • Trustful culture\
  • No implementation of artificial intelligence in the recruitment process\
  • Less paperwork involved in hiring process\
  • Testimonials from current employees\
  • Response rate when contacting HR department\
  • Features of everyday work\
  • Perks provided by the company\
  • Number of days' annual paid vacation time\
  • Known holidays and days off\
  • University assistance\
  • Disability support\
  • Concierge services\
  • Library resources\
  • On-premises cafeteria\
  • Various sports clubs\
  • Sports event tickets\
  • Christmas party and summer outing\
  • Book voucher or author's honorarium\
  • Help with household moving costs\
  • Family nursing allowance\
  • Personnel home computer for daily use\
  • Dental treatment benefit\
  • Private hospital visits and remote medical care\
  • Accessibility features for different needs\
  • Availability of personal air purifier\
  • Evenings free of work commitment\
  • Customer service phone number\
  • ERF contribution limits for expats\
  • Retail store discounts\
  • Date of last update\
  • Changes approved by reviewer 0\
  • Rate count for all candidates who applied since launch date\
  • Percentage of applicants further processed after initial screening\
  • Average ranking score for all questions that were fully rated since launch date\
  • Text blocking functionality\
  • Guest interview template updated in UI and backend\
  • Public developer API endpoints ready to use\
  • Application context variable that was not supposed to send applicant keyword name itself added into standard response body\
  • This version has been enhanced by making bulk of question templates shareable again\
  • Accuracy checking failed candidates saved to qualified pool results in recruiter forgetting which test results belong to failing candidates\
  • Comparison between normalized word frequencies was increased to better represent grammatical variation.\
  • DeltaSC 9.15 is now deprecated as it is replaced by newer Delta integration while providing same functionality.\
  • POLYMORPHICABILITYFORSCORECARD \
  • (