Fresenius Medical Care Logo

Fresenius Medical Care

Senior Manager, IT Third-Party Risk Management (TPRM)

Reposted 5 Days Ago
In-Office or Remote
Hiring Remotely in Canada
Senior level
In-Office or Remote
Hiring Remotely in Canada
Senior level
The Senior Manager of IT Third-Party Risk Management oversees the third-party risk program, enhances governance, streamlines processes, and collaborates with cross-functional teams to manage risks effectively across vendors.
The summary above was generated by AI

Hybrid - Upon agreement between you and your supervisor, you are entitled to a flexible arrangement where you will be able to split your time between working from the office and working remotely.

The Senior Manager, IT Third-Party Risk Management (TPRM) leads the day-to-day execution and ongoing maturity of the organization’s third-party risk program. This role is accountable for strengthening governance, streamlining process, automating workflows, and enabling leaders to make risk-informed decisions through effective TPRM tooling, dashboards, and reporting. The Senior Manager partners closely with stakeholders across Information Technology Solutions (ITS), Cybersecurity & Privacy Solutions (CPS), Procurement, Legal, Compliance, and business personnel, to ensure third-party risk is understood, managed, and monitored across the third-party lifecycle—from intake and due diligence through contracting, onboarding, continuous monitoring, and offboarding.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

Provide leadership of short- and long-term goals for IT Third-Party Risk Management.  Lead the effort to foster an environment of customer service, continuous improvement and consistent execution.

Program Leadership and Maturity

  • Drive the TPRM maturity roadmap, including improvements to governance, policies/standards, workflow design, tiering methodology, and lifecycle processes

  • Establish and maintain program operating cadence (e.g., monthly risk reviews, KPI/KRI reporting, issue remediation tracking, and executive readouts)

  • Identify gaps and implement enhancements to ensure program scalability, consistency, auditability, and alignment with regulatory/industry practices

  • Develop and maintain standard operating procedures, job aids, and training materials to ensure consistent execution

Stakeholder and Management Interaction

  • Serve as a trusted advisor to business owners, translating third-party risk into clear decision options

  • Facilitate risk discussions, challenge risk assumptions appropriately, and ensure documented risk decisions, and approvals align to governance and are documented

  • Partner with procurement to embed risk requirements into intake, sourcing, and ongoing vendor management

  • Collaborate with Legal, CPS, and Compliance to ensure contract provisions, control expectations, and due diligence are aligned and enforceable

TPRM Tooling, Automation and Decision Enablement

  • Own management and optimization of the organization’s TPRM technology platform

  • Design, configure, and enhance process workflows

  • Develop dashboards and reporting for leaders: portfolio risk views, assessment status, SLA adherence, open issues, concentration risk, critical vendor oversight, and periodic vendor reassessment

  • Improve data quality and establish a single source of truth for third-party risk inventory, risk ratings, and decision history

  • Define and track KPIs/KRIs (cycle time, backlog, critical findings aging, remediation performance, override rates, risk acceptance trends)

Third-Party Risk Assessments and Lifecycle Management

  • Oversee third-party risk assessments, including inherent risk tiering

  • Ensure assessment scope are appropriate for vendor criticality, data sensitivity, and service impact

  • Drive effective issue management and remediation tracking, including escalation paths for overdue or high-risk items

  • Maintain processes for periodic reassessments and continuous monitoring of high-risk/critical vendors

People Leadership

  • Lead, coach, and develop a team of TPRM professionals

  • Set performance expectations, ensure workload prioritization, and build a culture of continuous improvement and strong business partnership.

EDUCATION:

Required Qualifications

  • Bachelor’s degree or equivalent practical experience

  • 8+ years of experience in third-party risk management, technology risk, operational risk, compliance, or related disciplines

  • 3+ years of experience leading programs and/or teams, influencing cross-functional stakeholders, and driving process maturity

  • Proven experience implementing or optimizing TPRM programs and establishing a culture of continuous improvement

  • Proven experience implementing or optimizing TPRM/GRC tools to improve workflow automation, data quality, and reporting

  • Strong ability to translate risk into decision-ready recommendations for leaders and to facilitate risk acceptance discussions

  • Demonstrated knowledge of third-party lifecycle practices: due diligence, control validation, contracting requirements, monitoring, and remediation

Preferred Qualifications

  • Experience in regulated industries (financial services, healthcare, insurance, or similar)

  • Familiarity with relevant frameworks and expectations (e.g., NIST, ISO 27001, SOC reports, shared responsibility models, vendor oversight guidance)

  • Certifications such as CISA, CRISC, CISSP, CISM, or equivalent

  • Experience integrating continuous monitoring signals (security ratings, threat intelligence, incident notifications) into a TPRM operating model

Similar Jobs

2 Hours Ago
Remote or Hybrid
Senior level
Senior level
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Lead and build a cybersecurity sales team in the region, define and execute go-to-market and territory strategy, recruit and coach sales executives, drive pipeline generation and accurate forecasting, engage C-level stakeholders, collaborate across functions and partners, retain and grow customers, and achieve quarterly and annual revenue targets.
Top Skills: AIArmisCRMServicenowVeza
2 Hours Ago
Remote or Hybrid
Senior level
Senior level
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Design and build the agent execution harness and orchestration runtime to run LLM agents reliably at enterprise scale. Improve fault tolerance, latency, and throughput; add observability, prompt/versioning infrastructure, evaluation suites; integrate frontier LLMs and manage model routing/cost tradeoffs. Provide technical leadership, architecture decisions, and define system boundaries for agent behavior.
Top Skills: Agent FrameworksAi Observability (TracingApi DesignCloud-Native InfrastructureCost Tracking)Distributed SystemsEvaluation FrameworksLangchainLlamaindexLlmsMulti-Agent CoordinationPrompt Engineering
2 Hours Ago
Remote or Hybrid
Senior level
Senior level
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Sell ServiceNow cybersecurity SaaS to federal enterprise customers by developing C-suite relationships, orchestrating cross-functional account strategies, generating new business, negotiating deals, and aligning ServiceNow AI/security solutions to customers' IT roadmaps.
Top Skills: AIArmisSaaSServicenowVeza

What you need to know about the Colorado Tech Scene

With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.

Key Facts About Colorado Tech

  • Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
  • Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
  • Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
  • Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
  • Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account