Cloudflare
Manager, Security Third Party Risk Management
Job Posted 5 Days Ago
Be an Early Applicant
Manage the third party risk program, lead vendor assessments, negotiate contract terms, and oversee a team of specialists in risk management.
The Team
We are looking to hire an experienced manager for our Third Party Risk Program on our Security Governance, Risk, and Compliance team. This role will be responsible for managing a team of third party risk specialists, overseeing vendor & data center security reviews, and maturing our third party risk program & tooling.
What you'll do
- Own and manage our third party risk management program controls including vendor risk assessments, security contract terms, and continuous monitoring.
- Determine strategy for assessing and tiering Cloudflare vendors based on security impact.
- Lead Cloudflare's vendor risk assessment process by setting security policies and standards for various types of vendor engagements.
- Ensure that vendors are assessed in accordance with Cloudflare's security policies and standards.
- Support negotiation of security contract terms with vendors by maintaining guidance for Contracts/Legal teams and addressing contract escalations.
- Manage risk findings and policy exceptions identified through the vendor assessments by assessing risk, compensating controls, and determining acceptable risk thresholds.
- Partner with Sourcing, Contracts, Legal, Privacy, and Security teams to support Cloudflare's vendor lifecycle including onboarding, implementation, monitoring, and offboarding.
- Support the design and implementation of a new Procurement tool.
- Manage, engage, and grow a distributed team of Third Party Risk Management Specialists.
- Travel as needed to engage teammates, stakeholders, and vendors in San Francisco, Austin, or other global Cloudflare locations.
Examples of desirable skills, knowledge and experience
- Experience typically gained in 5-8 years working in Security GRC
- Experience managing a third party risk program
- Experience managing a team of GRC specialists
- Solid understanding of security contract terms
- Strong leader and business partner
- Strong organizational, analytical, and interpersonal skills
Top Skills
And Compliance
Procurement Tools
Risk
Security Governance
Similar Jobs at Cloudflare
Cloud • Information Technology • Security • Software • Cybersecurity
Lead and execute technology and cybersecurity audits, improving insights through data analytics. Communicate findings and mentor team members, focusing on risk management.
Top Skills:
AICybersecurity FrameworksData Analytics
Cloud • Information Technology • Security • Software • Cybersecurity
Lead and manage Cloudflare's operational audit plan, conducting risk assessments, executing audits, and providing actionable recommendations to improve risk management and controls.
Top Skills:
Accounting PrinciplesAudit MethodologiesData AnalyticsInternal AuditingRisk Assessment
Cloud • Information Technology • Security • Software • Cybersecurity
Lead operations, strategic initiatives, and communications for the CTO's team, collaborating with Product Managers and Engineering Leaders to launch new technology.
Top Skills:
CommunicationsProduct ManagementProject Management
What you need to know about the Calgary Tech Scene
Employees can spend up to one-third of their life at work, so choosing the right company is crucial, not just for the job itself but for the company culture as well. While startups often offer dynamic culture and growth opportunities, large corporations provide benefits like career development and networking, especially appealing to recent graduates. Fortunately, Calgary stands out as a hub for both, recognized as one of Startup Genome's Top 100 Emerging Ecosystems, while also playing host to a number of multinational enterprises. In Calgary, job seekers can find a wide range of opportunities.
