Manager, Cybersecurity Governance Risk & Compliance

Jobgether • United States
Remote
AI Summary

Lead and scale enterprise Third-Party Risk Management (TPRM) and cybersecurity governance functions in a healthcare technology environment. Oversee vendor risk assessments, contract security reviews, continuous monitoring, and executive reporting. Requires 8+ years of cybersecurity experience, 2-3+ years of people management, and strong stakeholder collaboration skills.

Key Highlights
Senior leadership role in TPRM and cybersecurity governance
Lead team for vendor risk assessments, contract reviews, and continuous monitoring
Partner with legal, procurement, privacy, compliance, and IT teams
Drive automation and AI governance integration in risk practices
Executive reporting and audit readiness responsibilities
Key Responsibilities
Lead and develop a Third-Party Risk Management (TPRM) team including coaching, performance management, hiring, and capability building
Oversee daily TPRM operations including vendor risk assessments, contract security reviews, continuous monitoring, and remediation tracking
Review and approve high-risk vendor assessments, risk ratings, exception requests, and mitigation plans to ensure alignment with enterprise risk standards
Serve as escalation point for complex cybersecurity and vendor risk decisions, providing structured recommendations to leadership
Ensure consistent application of risk methodologies, governance frameworks, and documentation standards across all assessments
Partner with business, legal, procurement, compliance, privacy, and IT teams to manage third-party risk throughout the vendor lifecycle
Drive development and continuous improvement of cybersecurity policies, standards, and governance processes
Lead audit readiness activities and support regulatory and internal audit requests with complete, defensible documentation
Own executive reporting for the TPRM program including dashboards, KPIs, KRIs, and portfolio risk insights
Lead strategic initiatives to improve automation, operational efficiency, and maturity of the cybersecurity governance program
Integrate AI governance considerations into third-party risk practices in collaboration with legal, privacy, and compliance teams
Technical Skills Required
Third-Party Risk Management
Cybersecurity Governance
Risk Assessment Methodologies
Vendor Risk Frameworks
Policy Development
Executive Reporting
Benefits & Perks
Competitive salary range: $118,000 - $167,700
100% remote work with flexibility across the United States
Comprehensive medical, dental, and vision insurance
Retirement savings plan and financial wellbeing programs
Paid time off, holidays, and flexible work arrangements
Professional development support including certifications and tuition reimbursement
Nice to Have
CISSP
CISM
CRISC
CISA
CCSP
CCSK
Experience with AI governance
Experience with TPRM platforms
Experience with cybersecurity frameworks such as NIST, ISO 27001, SOC 2, or HITRUST

Job Description


This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Manager, Cybersecurity Governance Risk & Compliance based in the United States.

This is a senior leadership role focused on strengthening and scaling an enterprise Third-Party Risk Management (TPRM) and cybersecurity governance function within a fast-paced, healthcare technology environment. You will lead a team responsible for vendor risk assessments, contract security reviews, continuous monitoring, and executive risk reporting. The role combines people leadership with hands-on risk oversight, requiring the ability to guide complex cybersecurity decisions while ensuring consistency, quality, and alignment with enterprise risk tolerance. You will partner closely with cross-functional stakeholders across legal, procurement, privacy, compliance, and technology to ensure third-party risks are properly identified and managed. In addition to operational leadership, you will play a key role in shaping governance frameworks, improving processes, and driving automation across the program. This is a high-visibility position where your work directly influences organizational resilience, regulatory readiness, and strategic vendor decision-making.

Accountabilities

  • Lead and develop a Third-Party Risk Management (TPRM) team, including coaching, performance management, hiring, and capability building.
  • Oversee daily TPRM operations including vendor risk assessments, contract security reviews, continuous monitoring, and remediation tracking.
  • Review and approve high-risk vendor assessments, risk ratings, exception requests, and mitigation plans to ensure alignment with enterprise risk standards.
  • Serve as escalation point for complex cybersecurity and vendor risk decisions, providing structured recommendations to leadership.
  • Ensure consistent application of risk methodologies, governance frameworks, and documentation standards across all assessments.
  • Partner with business, legal, procurement, compliance, privacy, and IT teams to manage third-party risk throughout the vendor lifecycle.
  • Drive development and continuous improvement of cybersecurity policies, standards, and governance processes.
  • Lead audit readiness activities and support regulatory and internal audit requests with complete, defensible documentation.
  • Own executive reporting for the TPRM program, including dashboards, KPIs, KRIs, and portfolio risk insights.
  • Lead strategic initiatives to improve automation, operational efficiency, and maturity of the cybersecurity governance program.
  • Integrate AI governance considerations into third-party risk practices in collaboration with legal, privacy, and compliance teams.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field, or equivalent experience.
  • 8+ years of experience in cybersecurity, governance, risk management, compliance, or third-party risk management.
  • 2-3+ years of people management or team leadership experience.
  • Strong background in enterprise TPRM, cybersecurity governance, or GRC program leadership.
  • Deep understanding of risk assessment methodologies, cybersecurity controls, and vendor risk frameworks.
  • Experience developing policies, governance models, and executive-level reporting (KPIs, KRIs, dashboards).
  • Strong stakeholder management skills with the ability to influence executive and cross-functional decisions.
  • Excellent communication skills, with the ability to translate technical risk into business impact.
  • Experience supporting audits, regulatory requirements, and risk compliance initiatives.
  • Preferred certifications: CISSP, CISM, CRISC, CISA, CCSP, or CCSK.
  • Preferred: experience with AI governance, TPRM platforms, and cybersecurity frameworks such as NIST, ISO 27001, SOC 2, or HITRUST.

Benefits

  • Competitive salary range: $118,000 - $167,700 (based on experience)
  • 100% remote work with flexibility across the United States
  • Comprehensive medical, dental, and vision insurance
  • Retirement savings plan and financial wellbeing programs
  • Paid time off, holidays, and flexible work arrangements
  • Professional development support, including certifications and tuition reimbursement
  • Employee wellness, mental health, and assistance programs
  • Opportunity to lead and mature a high-impact enterprise cybersecurity program
  • Exposure to AI governance, advanced risk frameworks, and enterprise security strategy
  • Inclusive, people-first culture focused on collaboration, growth, and innovation

How Jobgether Works

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

