Third Party Risk Manager

Company Overview

is the next-generation digital identity wallet that simplifies how individuals securely prove their identity online. Consumers can verify their identity with  once and seamlessly login across websites without having to create a new login and verify their identity again.  serves over 152 million users and works with federal, state, healthcare, and consumer brands to verify communities and user segments. ’s technology meets federal standards for consumer authentication and is approved as a NIST 800-63-3 IAL2 / AAL2 credential service provider.

’s motto is “No Identity Left Behind.” For more information, visit (Use the "Apply for this Job" box below)..

The  security team is looking for a proven Staff Third Party Risk Manager. This role will help drive and implement risk management practices to maintain rigor over supply chain security operations. Activities include roadmap design, control design, assessment operations, and key metrics. The role collaborates with teams across the company to assess and manage risks when using third and fourth parties.

This position will perform critical operations across procurement and customer assurance, building trust with customers through questionnaires and audit support.

This multifaceted role combines project management, delivery management, and systems analysis responsibilities, with strategic thinking and tactical execution to enhance the customer experience, business resiliency, and technology footprint.

This role is based out of our Mountain View, CA or McLean, VA offices and requires full-time in-office attendance.

• Work cross functionally with Security, IT, Engineering, Product, and Finance to evaluate vendors and assess supply chain risks.
• Keep detailed assessment records and ERM control mappings to vendor operations in a high volume environment.
• Own responding to customer assurance requests such as security questionnaires, security reviews and similar engagements.
• Perform control based assessments of vendor documentation (SOC
  2) or industry standard customer questionnaires (CAIQ, SIG CORE or SIG LITE).
• Understand the MITRE System of Trust (SoT) Framework.
• Direct enablement of Sales opportunities by participating in RFP, RFI, contracts and other sales opportunity deliverables.
• Regular, effective, repeatable reporting at all levels of the organization on vendor risk and operations.
• Run engagements with customer auditors, educate and demonstrate compliance.
• Communicate effectively with management with ideas and recommendations for optimizing business operations, resources, and capacity to meet compliance goals.
• Develop and propose key program performance and risk metrics.
• Create and mature procedural documentation, including training materials or process documentation.
• Develop, maintain, and update AI tools and services, reducing the impact of Third Party Risk management Operations.

• BA or BS in a technical field or equivalent experience.
• 7+ years of program management experience.
• 5+ years of experience managing third party risk programs end-to-end.
• 4+ years of experience with major compliance audits (FedRAMP, SOC 2, HIPAA, etc.).
• Owner and builder of risk management processes with the ability to own findings and fix issues with minimal supervision.
• Familiar with SaaS product design and cloud architecture.
• Deep understanding of common business processes and functions in enterprise environments.
• Excellent verbal, written and interpersonal communication skills with both technical and non-technical audiences.
• CCSP, CISSP, CISA, and similar certifications are a plus.

LI-JS1

The annual base salary listed does not include a company bonus, incentive for sales roles, equity, and benefits which will be determined based on experience, skills, education, relevant training, geographic location and role.

offers comprehensive medical, dental, vision, health savings account, flexible spending accounts, life and AD&D insurance, 401(k) with company match, parental leave, unlimited paid time off subject to the PTO policy, holidays, disability insurance, and other voluntary benefits. Final offers may vary based on qualifications, location, and role.

Work Location
:  is a full-time, in-office culture with roles on-site at one of our offices in McLean, VA;
Mountain View, CA;
New York City, NY; or Tampa, FL unless a role specifies otherwise.

Equal Opportunity
:  maintains a work environment free from discrimination.  is an equal employment opportunity employer and does not discriminate based on age, race, color, sex, gender identity, national origin, disability, or any other protected status. Reasonable accommodation is provided as required by law.

This posting may include additional standard information related to job posting requirements and legal disclosures in effect at the time of posting.