The Staff Digital Auditor will oversee Third-Party Risk Management, ensuring compliance, managing performance, and continually improving governance frameworks and risk strategies in collaboration with external partners.
Job Description SummaryAs Staff Digital Auditor, you will play a key role in setting the strategy of Third-Party Risk Management (TPRM) for GE Vernova as well as overseeing and governing services delivered by our external Managed Service Provider (MSP). This role is responsible for ensuring that the MSP meets contractual obligations and performance indicators, as well as tracking, reporting and handling escalations.
This role will ensure that our TPRM strategy, standards, and governance framework remain effective, consistent, and aligned with organizational objectives. The individual will act as the GE Vernova point of contact of TPRM governance, driving oversight, compliance, and continuous improvement.Job Description#LI-Remote - This is a remote position
This role will ensure that our TPRM strategy, standards, and governance framework remain effective, consistent, and aligned with organizational objectives. The individual will act as the GE Vernova point of contact of TPRM governance, driving oversight, compliance, and continuous improvement.Job Description
Key Responsibilities
- Governance & Oversight
- Maintain and operationalize the organization’s TPRM strategy, playbook, standard work, and governance framework.
- Establish and maintain governance frameworks to oversee MSP TPRM operations.
- Monitor compliance with contractual obligations and performance indicators (KPIs/SLAs).
- Conduct regular governance meetings with the external partner and internal stakeholders.
- Risk & Compliance
- Ensure adherence to organizational policies, regulatory requirements, and industry standards.
- Monitor risk assessments, control testing, and remediation of findings.
- Review and assess supplier-proposed contract redlines related to cybersecurity requirements to ensure alignment with organizational standards and risk posture.
- Performance Management
- Track and report on third-party performance, including but not limited to, incident response, vulnerability management, and risk remediation.
- Review monthly/quarterly security metrics, dashboards, and reports for accuracy and effectiveness.
- Escalate risks, gaps, and deviations to senior leadership with actionable recommendations.
- Stakeholder Management
- Act as the liaison between the TPRM organization and the MSP cybersecurity partner.
- Partner with DT, Cyber, Legal, Sourcing and Business teams to ensure security alignment with business objectives.
- Provide clear and timely communication on risks, incidents, and remediation status.
- Continuous Improvement
- Drive process improvements in governance, risk management, and compliance monitoring.
- Monitor industry trends, regulations, and emerging risks to keep TPRM strategy up to date.
- Benchmark MSP services against industry best practices.
- Recommend enhancements to security policies, standards, and frameworks.
Skills
- Strong understanding of third-party/vendor cyber risk management.
- Experience with cybersecurity frameworks: ISO 27001, NIST CSF, etc.
- Familiarity with regulatory requirements.
- Strong audit experience and ability to review technical/operational security reports.
- Excellent stakeholder management and communication skills.
- Professional certifications preferred: ISO 27001 LA, CISA etc.
Relocation Assistance Provided: No
Top Skills
Iso 27001
Nist Csf
Similar Jobs
Cloud • eCommerce • Enterprise Web • Information Technology • Software
The Strategic Account Executive will manage full life-cycle sales, develop account strategies, build client relationships, and exceed sales quotas in the SaaS industry.
Top Skills:
Salesforce
Productivity • Sales • Software
As an Implementation Consultant, you will manage software implementation projects, train clients, and enhance their use of monday.com products while maintaining strong relationships with stakeholders.
Top Skills:
APIsGraphQLMonday.Com
Artificial Intelligence • eCommerce • Information Technology • Internet of Things • Automation
The Managed Services Engineering Manager leads engineering teams, ensuring service delivery, customer satisfaction, and continuous improvement while managing operational costs and resources.
Top Skills:
CiscoFive9IbmItilMicrosoftMicrosoft TeamsRingcentralVMwareWebexZoom
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
