Senior Manager, Third Party Risk at TransUnion
What We'll Bring:
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation we’re consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.
Come be a part of our team – you’ll work with great people, pioneering products and cutting-edge technology.
What You'll Bring:
- Experience reviewing highly complex contracts.
- Experience with program governance.
- A strong understanding of information security risk assessment and management..
- Strong project management skills.
- Proficiency in Microsoft Office Suite (especially Excel).
We’d Love to See
- A degree in business administration, law or a related field
- Familiarity with industry frameworks and standards such as NIST Cybersecurity Framework, SSAE16, PCI, and ISO 27001/27002
Impact You'll Make:
As the Senior Manager, Third Party Risk Management, You will lead assessments of Third Parties seeking to establish a relationship with TransUnion as well as the annual/on-going HIPAA and Federal Information Security assessments. You will lead and mentor a small, dynamic team, and support information security risk control testing and monitoring.
- Review contracts, Master Service Agreements, Business Associate Agreements, and Request for Proposals (RFP), Statements of Work (SOW), to determine compliance with TransUnion policies, provide red lined recommendations, and assess contractual risk.
- Lead the Third Party Risk Management Governance function, ensuring adherence to existing policies and procedures.
- Maintain the global Third Party inventory and provide continuous monitoring for key activities and third parties.
- Support information security risk control testing and monitoring
- Track, report and present relevant metrics.
- Own and manage a portfolio of security projects (e.g., process improvement, assessments, other) in support of our overall Information Security strategy and annual plan objectives.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.