DoorDash USA, posted 6 days ago
$156,400 - $230,000/Yr
Full-time - Mid Level

About the position

The Governance, Risk, and Compliance (GRC) team is looking for a Third-Party Risk Management (TPRM) Manager who will be responsible for leading a program to manage third-party supplier security risks. If you have experience managing a highly motivated team, are comfortable in a fast-paced working environment, and want to take ownership of the Third Party Security Risk program and make room at the table to improve our security posture, we want to talk to you! You will report to the Sr. Manager - GRC in our Security organization.

Responsibilities

  • Manage the TPRM lifecycle, including risk assessments, due diligence questionnaires, new vendor onboarding, re-assessment, on-site audits, and contract reviews.
  • Maintain TPRM tools, artifacts, and reporting capabilities to provide visibility into supplier risk exposure and ensure timely identification and mitigation of risks.
  • Oversee the TPRM team, providing guidance and support to ensure vendor risk management.
  • Be a key contact for internal stakeholders and external vendors regarding TPRM issues and inquiries.
  • Partner with risk domain SMEs (e.g., sourcing team, CorpSec, IT) to develop and implement robust vendor risk management policy and procedures.
  • Manage the team's OKRs to ensure the delivery of exceptional services and the team's engagement and development.

Requirements

  • 6+ years of experience with third-party risk management methodologies and managing a third-party risk management function.
  • Bachelor’s or Master’s degree in Information Security, Computer Science, Business Administration, or related field.
  • Experience with information security, privacy, compliance frameworks, and risk management principles (e.g., NIST, ISO 27001, SOC 2).
  • Experience with banking regulation (e.g., GLBA).
  • Experience with third-party risk systems, including survey techniques and scoring systems.
  • Experience with how systems work, what security risks affect a variety of data, applications, and infrastructure, and how those risks translate to third parties.
  • Experience solving complex, systemic issues that require creative thinking and solutions.
  • Excellent verbal and written communication skills - you are able to translate business requirements into technical solutions and vice versa easily.

Nice-to-haves

  • CISA, CISSP, or other industry certifications are a plus.

Benefits

  • 401(k) plan with an employer match.
  • Paid time off.
  • Paid parental leave.
  • Wellness benefits.
  • Several paid holidays.
  • Paid sick leave in compliance with applicable laws.
  • Medical, dental, and vision benefits.
  • Disability and basic life insurance.
  • Family-forming assistance.
  • Commuter benefit match.
  • Mental health program.

Hard Skills

  • Security Risk: 2
  • Compliance Risk: 1
  • Contract Review: 1
  • Risk Management: 1
  • Team Management: 1
© 2024 Teal Labs, Inc