Fresenius Medical Care Logo

Fresenius Medical Care

Senior Manager, IT Third-Party Risk Management (TPRM)

Reposted 11 Days Ago
In-Office or Remote
Hiring Remotely in Canada
Senior level
In-Office or Remote
Hiring Remotely in Canada
Senior level
The Senior Manager of IT Third-Party Risk Management oversees the third-party risk program, enhances governance, streamlines processes, and collaborates with cross-functional teams to manage risks effectively across vendors.
The summary above was generated by AI

Hybrid - Upon agreement between you and your supervisor, you are entitled to a flexible arrangement where you will be able to split your time between working from the office and working remotely.

The Senior Manager, IT Third-Party Risk Management (TPRM) leads the day-to-day execution and ongoing maturity of the organization’s third-party risk program. This role is accountable for strengthening governance, streamlining process, automating workflows, and enabling leaders to make risk-informed decisions through effective TPRM tooling, dashboards, and reporting. The Senior Manager partners closely with stakeholders across Information Technology Solutions (ITS), Cybersecurity & Privacy Solutions (CPS), Procurement, Legal, Compliance, and business personnel, to ensure third-party risk is understood, managed, and monitored across the third-party lifecycle—from intake and due diligence through contracting, onboarding, continuous monitoring, and offboarding.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

Provide leadership of short- and long-term goals for IT Third-Party Risk Management.  Lead the effort to foster an environment of customer service, continuous improvement and consistent execution.

Program Leadership and Maturity

  • Drive the TPRM maturity roadmap, including improvements to governance, policies/standards, workflow design, tiering methodology, and lifecycle processes

  • Establish and maintain program operating cadence (e.g., monthly risk reviews, KPI/KRI reporting, issue remediation tracking, and executive readouts)

  • Identify gaps and implement enhancements to ensure program scalability, consistency, auditability, and alignment with regulatory/industry practices

  • Develop and maintain standard operating procedures, job aids, and training materials to ensure consistent execution

Stakeholder and Management Interaction

  • Serve as a trusted advisor to business owners, translating third-party risk into clear decision options

  • Facilitate risk discussions, challenge risk assumptions appropriately, and ensure documented risk decisions, and approvals align to governance and are documented

  • Partner with procurement to embed risk requirements into intake, sourcing, and ongoing vendor management

  • Collaborate with Legal, CPS, and Compliance to ensure contract provisions, control expectations, and due diligence are aligned and enforceable

TPRM Tooling, Automation and Decision Enablement

  • Own management and optimization of the organization’s TPRM technology platform

  • Design, configure, and enhance process workflows

  • Develop dashboards and reporting for leaders: portfolio risk views, assessment status, SLA adherence, open issues, concentration risk, critical vendor oversight, and periodic vendor reassessment

  • Improve data quality and establish a single source of truth for third-party risk inventory, risk ratings, and decision history

  • Define and track KPIs/KRIs (cycle time, backlog, critical findings aging, remediation performance, override rates, risk acceptance trends)

Third-Party Risk Assessments and Lifecycle Management

  • Oversee third-party risk assessments, including inherent risk tiering

  • Ensure assessment scope are appropriate for vendor criticality, data sensitivity, and service impact

  • Drive effective issue management and remediation tracking, including escalation paths for overdue or high-risk items

  • Maintain processes for periodic reassessments and continuous monitoring of high-risk/critical vendors

People Leadership

  • Lead, coach, and develop a team of TPRM professionals

  • Set performance expectations, ensure workload prioritization, and build a culture of continuous improvement and strong business partnership.

EDUCATION:

Required Qualifications

  • Bachelor’s degree or equivalent practical experience

  • 8+ years of experience in third-party risk management, technology risk, operational risk, compliance, or related disciplines

  • 3+ years of experience leading programs and/or teams, influencing cross-functional stakeholders, and driving process maturity

  • Proven experience implementing or optimizing TPRM programs and establishing a culture of continuous improvement

  • Proven experience implementing or optimizing TPRM/GRC tools to improve workflow automation, data quality, and reporting

  • Strong ability to translate risk into decision-ready recommendations for leaders and to facilitate risk acceptance discussions

  • Demonstrated knowledge of third-party lifecycle practices: due diligence, control validation, contracting requirements, monitoring, and remediation

Preferred Qualifications

  • Experience in regulated industries (financial services, healthcare, insurance, or similar)

  • Familiarity with relevant frameworks and expectations (e.g., NIST, ISO 27001, SOC reports, shared responsibility models, vendor oversight guidance)

  • Certifications such as CISA, CRISC, CISSP, CISM, or equivalent

  • Experience integrating continuous monitoring signals (security ratings, threat intelligence, incident notifications) into a TPRM operating model

Similar Jobs

12 Minutes Ago
Remote or Hybrid
150K-200K Annually
Senior level
150K-200K Annually
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Build and own low-level sensor infrastructure connecting the Falcon Sensor to the cloud: network communications, connection lifecycle, cryptographic integration, content delivery, and secure on-device storage across Windows, Linux, and macOS. Drive design, cross-team integration, production validation, incident resolution, testing improvements, and mentor junior engineers.
Top Skills: Ai TechnologiesCC++Content DeliveryCryptographyEdrEndpoint SecurityFalcon SensorKernel-Adjacent DevelopmentLinuxmacOSNetwork ProtocolsOn-Device Secure StorageWindows
An Hour Ago
Remote or Hybrid
Seattle, WA, USA
91K-322K Annually
Senior level
91K-322K Annually
Senior level
Artificial Intelligence • Professional Services • Business Intelligence • Consulting • Cybersecurity • Generative AI
Lead cross-functional transformation to design scalable, governed content supply chains. Align business, product, and technical teams to reduce duplication, implement reusable content models and cross-channel distribution, manage platform implementations, and drive operational process improvements and execution across content and digital experience initiatives.
Top Skills: Content Management SystemsDigital PlatformsMartechReusable Content ModelsStructured Content
An Hour Ago
Remote or Hybrid
Seattle, WA, USA
99K-266K Annually
Mid level
99K-266K Annually
Mid level
Artificial Intelligence • Professional Services • Business Intelligence • Consulting • Cybersecurity • Generative AI
Lead and advise financial services clients on local and international real estate tax matters. Manage tax compliance, structuring, and risk; analyze tax proposals and financial trends; draft tax documents; oversee project delivery and client relationships; coach and develop team members; apply strategic tax planning and capital requirement considerations to client solutions.

What you need to know about the Seattle Tech Scene

Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.

Key Facts About Seattle Tech

  • Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Amazon, Microsoft, Meta, Google
  • Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Madrona, Fuse, Tola, Maveron
  • Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account