top of page

Third Party Risk Management Manger

United States (Remote)

Job Type

Full Time

Organization

Deckers Brands

Application Deadline

April 20, 2024

About the Role

The role of Third-Party Risk Management Manager will focus on these core capabilities:

Vendor Onboarding
Facilitate the onboarding process for new vendors, conducting risk assessments and due diligence to evaluate their security and compliance practices.
Risk Assessment
Conduct risk assessments for existing and potential vendors, evaluating their cybersecurity posture, data protection measures, and overall risk profile.
Policy Implementation
Implement and enforce third-party risk management policies and procedures, ensuring alignment with industry standards and regulatory requirements.
Contractual Reviews
Collaborate with legal and procurement teams to review vendor contracts, ensuring that security and compliance requirements are adequately addressed.
Continuous Monitoring
Implement and maintain a continuous monitoring program to track the security and performance of third-party vendors over time.
Issue Resolution
Work closely with vendors to address identified security issues or gaps, providing guidance and support for remediation efforts.
Documentation and Reporting
Maintain comprehensive records of third-party risk assessments and associated documentation.
Generate regular reports on the status of third-party risk management activities for management and relevant stakeholders.
Regulatory Compliance
Stay abreast of changes in regulations and industry standards related to third-party risk management, ensuring ongoing compliance.
Training and Awareness
Provide training and awareness sessions to internal stakeholders on third-party risk management best practices.
Incident Response Coordination
Collaborate with the incident response team to develop and implement plans that address security incidents involving third-party vendors.
Who You Are

The successful candidate for this role will have excellent communication skills, both verbally and written. Meticulous detail when executing your work with a strong appetite for learning new technologies and staying current with dynamic security and compliance trends. Strong analytical and problem-solving skills with curiosity that constantly compels you to ask, “Why?” Finally, you will bring a fantastic attitude of empathy and openness as you work with the Information Security team and our business partners.

Requirements

  • Bachelor’s degree in business, Information Security, Risk Management, or a related field
  • Proven experience with three (3) years in third-party risk management, vendor management, or a related role
  • Prior experience leading administration and management of a TPRM solution, such as Process Unity
  • Knowledge of cybersecurity, data protection, and privacy principles
  • Familiarity with relevant regulations and standards (e.g., GDPR, PCI, NIST, ISO 27001)
  • Strong analytical and problem-solving skills
  • Excellent communication and interpersonal skills
  • Ability to work collaboratively across departments and with external vendors
  • Relevant certifications (e.g., CTPRP, CRISC, CISSP, CISA, CISM) are a plus

About the Company

Deckers Brands is a global organization that has been developing and nurturing brands into global icons since 1973. We design, market, and distribute footwear, apparel, and accessories developed for both everyday casual lifestyle uses and high-performance activities. Our portfolio of brands includes UGG®, Koolaburra®, HOKA®, Teva® and Sanuk®.

bottom of page