Senior Legal Risk Manager

Job Summary

A company is looking for a Sr. Legal Risk Manager responsible for managing a comprehensive third-party risk management program.

Key Responsibilities

• Design, implement, and improve the Third-Party Risk Management (TPRM) framework and oversee the Third Party Access Committee (TPAC)
• Evaluate third-party access requests and ensure compliance with federal, state laws, and industry best practices
• Collaborate with stakeholders to maintain an inventory of third parties and manage cybersecurity risks associated with vendors

Required Qualifications

• Bachelor's Degree in Information Technology, Cybersecurity, Risk Management, or a related field, or equivalent work experience preferred
• 5+ years of experience in third-party risk management or information security, with at least 2 years in a lead role
• Experience managing Third-Party Risk Management (TPRM) software and knowledge of security frameworks (e.g., NIST, HITRUST)
• Experience in conducting risk assessments and managing vendor relationships
• Familiarity with EHR/EMR systems and proficiency in analytical tools for data analysis and reporting