Third Party Risk Manager
Requirements
- Bachelor's Degree
- Information Technology and/or Cybersecurity background and/or experience, including 5-8+ years of IT, cybersecurity, risk management, or third-party risk experience with network, platform, and/or application technology
- One or more of the following certifications required: Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Third Party Risk Assessor (CTPRA)
- Certified in Risk and Information Systems Control (CRISC) preferred
- Strong knowledge of security domains such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, cloud security, or web security
- Working knowledge of one or more compliance frameworks such as SOC 2, ISO 27001, NIST, HIPAA, PCI DSS, or HITRUST
- Experience managing multiple projects and teams in a fast-paced consulting environment
- Demonstrated leadership experience overseeing project execution, client relationships, and team performance
- Proven ability to learn new technologies and systems, especially through independent research and self-study
- Strong verbal and written communication skills with the ability to present technical information to both technical and executive audiences
- Ability to manage project schedules, budgets, staffing, and client expectations
- Ability to travel domestically an average of 20%-50% per year
- Bachelor's and/or advanced degree with a concentration in Cybersecurity, Risk Management, Computer Science, Management Information Systems, or related field
- Experience working with or assessing third-party vendors and service providers
- IT or cybersecurity experience at a leading public company, consulting firm, or regulated industry organization
- Experience with Archer, ProcessUnity, ServiceNow, OneTrust, or
Benefits
Additional Information
Your Journey at Crowe Starts Here: At Crowe, you can build a meaningful and rewarding career. With real flexibility to balance work with life moments, you're trusted to deliver results and make an impact. We embrace you for who you are, care for your well-being, and nurture your career. Everyone has equitable access to opportunities for career growth and leadership. Over our 80-year history, delivering excellent service through innovation has been a core part of our DNA across our audit, tax, and consulting groups. That's why we continuously invest in innovative ideas, such as AI-enabled insights and technology-powered solutions, to enhance our services. Join us at Crowe and embark on a career where you can help shape the future of our industry.

Job Description: Manager - Third Party Risk

The position will be primarily responsible for managing and leading the assessment of the information security posture of key clients' third parties while overseeing the overall execution, quality, and delivery of assessments. The position will work within a Crowe team at a client or third-party site and be responsible for leading teams in identifying key risks, information security gaps, and remediation strategies. This role will also serve as a trusted advisor to client leadership and provide mentorship and oversight to junior team members. Projects would be performed through interacting with the client's Information Security and Business Unit leadership, as well as the client's vendors, service providers, and partners.
Specific projects and responsibilities may include:
- Leading Third Party Risk Assessments by evaluating third-party questionnaire responses, performing control validation, and assessing documentation per established procedures and standards
- Managing and overseeing assessment teams, project timelines, and client deliverables across multiple engagements
- Performing and overseeing site visits to third-party facilities
- Evaluating the effectiveness of security controls for compliance with applicable policies, security laws, regulations, and industry standards
- Assessing cloud technologies such as Software as a Service (SaaS) hosted applications, Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) deployments
- Documenting information security risk and compliance findings, presenting recommendations for remediation, and communicating results to client leadership
- Performing quality assurance reviews of assessments completed by team members to ensure consistency and accuracy
- Delivering high-quality, executive-level reports and presentations
- Coordinating schedules, resource allocation, and assessment activities for key third-party clients while overseeing all key deliverables
- Supporting business development initiatives, client relationship management, and practice growth efforts
- Mentoring, coaching, and developing staff and senior consultants within the practice

Our clients operate in and our team members work across the following industries:
- Pharmaceutical
- Life Sciences
- Biotechnology
- Healthcare
- Manufacturing
- Financial Services
- Technology, Media and Telecommunications