Search Results

Jillian Kwong, MIT Sloan School of Management Securing the Fleet: Collaborative Cybersecurity Strategies for Large Firms and their Small and Medium Suppliers Track 4: Charting the Course (Regulation & Compliance) Wednesday, April 9, 2025 2:10 PM - 3:00 PM Tides 1 & 2 SESSION DESCRIPTION Tired of seeing your supply chain vulnerable to cyberattacks? Many large companies expect their small and medium suppliers to fend for themselves against cyber threats. The reality is that increasing security requirements coupled with limited resources, knowledge gaps, and understaffed security teams cripple small and medium enterprises’ (SMEs) ability to be… Show More SPEAKERS Jillian Kwong Research Scientist Cybersecurity at MIT Sloan (CAMS) Dr. Jillian Kwong, PhD, is a Research Scientist at the Cybersecurity at MIT Sloan (CAMS). Her work focuses on enhancing cybersecurity and building resilience in the supply chain for small and medium-sized enterprises (SMEs). Dr. Kwong specializes in qualitative and mixed-method research, leveraging her expertise in communication, data protection, human behavior, and organizational studies to explore the human aspects of cybersecurity. At CAMS, she leads several research grants examining SMEs,… Show More Previous Next

Julie Gaiaschi CEO & Co-Founder Third Party Risk Association (TPRA) Roundtable: Leadership (Invite Only!) Track 3: Surfing the Waves of Innovation & Automation Wednesday, April 9, 2025 1:00 PM - 1:50 PM Atlantic Ballroom 3 SESSION DESCRIPTION Captains of the Fleet: Leadership Roundtable on TPRM (Invite Only) Ahoy, esteemed captains! This exclusive, invite-only roundtable gathers top leaders and decision-makers to share high-level insights on steering the ship through the evolving waters of third-party risk management. In this session, discuss the strategic challenges facing TPRM leadership today, from… Show More SPEAKERS Previous Next

Garrett Close, Manager, GRC, Amplitude & Blake Hoge, Third Party Security, AirBNB Mastering the Vendor Tango: Navigating Third-Party Risk from Both Sides Track 3: Surfing the Waves of Innovation & Automation Tuesday, April 8, 2025 4:10 PM - 5:00 PM Atlantic Ballroom 3 SESSION DESCRIPTION Managing third-party risk is essential for keeping your business secure, but it can feel like walking a tightrope. On one side, you’re busy vetting your vendors, and on the other, you’re making sure you’re ready for your own customers’ scrutiny. In this lively session, we’ll tackle both challenges head-on. You’ll… Show More SPEAKERS Blake Hoge Third Party Security AirBNB Blake Hoge is a seasoned tech industry professional and co-founder of Amplify GRC. With a diverse background spanning start-ups and enterprise giants like Airbnb, Instacart, and Salesforce, Blake excels in navigating complex security and compliance challenges. His expertise in governance, risk management, and third-party security, coupled with a passion for building customer trust, enables businesses to succeed in dynamic environments. Partnering with co-founder Garrett Close, Blake delivers innovative solutions that… Show More Garrett Close Manager, GRC Amplitude Garrett Close is a GRC Manager at Amplitude, bringing extensive experience from top companies like Discord, Uber, and Salesforce. In his current role, Garrett oversees programs focused on compliance audits, customer trust, third-party risk, and risk management, driving initiatives that align regulatory needs with business objectives. With a strong background in governance, risk, and compliance (GRC), he empowers organizations to tackle complex regulatory challenges, enhance operational resilience, and strengthen security… Show More Previous Next

Naomi Ward, Manager Vendor Risk Management, Commonwealth of Massachusetts EOTTS - ERM Overcoming Obstacles Track 3: Surfing the Waves of Innovation & Automation Wednesday, April 9, 2025 2:10 PM - 3:00 PM Atlantic Ballroom 3 SESSION DESCRIPTION Starting a Third Party Risk Management (TPRM) program from scratch can be a daunting task filled with unforeseen challenges. This engaging session will empower attendees with actionable insights and lessons learned from building successful TPRM programs. Explore the concept of "Failing Forward," turning setbacks into stepping stones for growth. Gain… Show More SPEAKERS Naomi Ward Manager Vendor Risk Management Commonwealth of Massachusetts EOTTS - ERM Naomi Ward is the Commonwealth of Massachusetts expert in Third Party Risk Management. In her current role with the Enterprise Risk Management Office, she works closely with senior leadership to incorporate risk awareness into the process of decision-making. Her current responsibilities include conducting assessments, expanding third-party continuous monitoring programs, collaborating with Commonwealth Secretariate CISO’s, building relationships with key partners including StateRAMP, developing tools for enterprise communication, and creating internal training… Show More Previous Next

Welcome & Kick-Off with TPRA Captain Julie Gaiaschi Welcome & Kick-Off General Session Tuesday, April 8, 2025 8:45 AM - 9:00 AM Atlantic Ballroom 4-8, Main Level SESSION DESCRIPTION All hands on deck! Join us as Julie Gaiaschi, CEO & Co-Founder of the Third Party Risk Association (TPRA), officially launches our journey into "Navigating Risky TPRM Waters." From 8:45 to 9:00 AM, Captain Gaiaschi will welcome attendees aboard, share her vision for this pirate-themed, TPRM adventure, and outline the… Show More SPEAKERS Julie Gaiaschi CEO & Co-Founder Third Party Risk Association Julie Gaiaschi, CISA, CISM, is the CEO & Co-Founder of the Third Party Risk Association (TPRA). She has over 15 years of technology and information security risk experience, with the last 10 years specializing in third party risk identification and mitigation techniques. In her role as CEO, she provides strategic direction for the non-profit, whose mission it is to further the third party risk profession through knowledge sharing and networking… Show More Previous Next

Kick off Day 2 with TPRA Captain Julie Gaiaschi! Opening Remarks General Session Wednesday, April 9, 2025 8:45 AM - 9:00 AM Atlantic Ballroom 4-8, Main Level SESSION DESCRIPTION All hands on deck! Join us as Julie Gaiaschi, CEO & Co-Founder of the Third Party Risk Association (TPRA), officially launches our journey into "Navigating Risky TPRM Waters." From 8:45 to 9:00 AM, Captain Gaiaschi will welcome attendees aboard, share her vision for this pirate-themed, TPRM adventure, and outline the… Show More SPEAKERS Previous Next

Session Information Coming Soon! Track 1: Anchoring TPRM Essentials & Best Practices Tuesday, April 8, 2025 10:00 AM - 10:50 AM Atlantic Ballroom 1 SESSION DESCRIPTION SPEAKERS Previous Next

< Back Coming Soon! Wednesday, February 12, 2025 10:30 - 10:55 AM CT TPRM Services Globe Mail Search Search Presenter(s) Previous Next

< Back Account Executive - Risk Apply Now Remote Job Type Full Time sales Organization NContracts Application Deadline December 24, 2024 About the Role THE ROLE  We are currently seeking an experienced Account Executive to join our growing Sales Team! You will have 5+ years of software sales experience in the financial services industry. In this role, you will be a hands-on direct sales executive with a specified territory within the United States, interfacing with key VP and C-Suite decision-makers in financial institutions, utilizing a consultative and collaborative selling approach. You will be focused on driving deep engagement at your accounts to understand their approach to Vendor Management, Risk Management, and Compliance. It will be your job to find opportunities and ultimately sell the right product, to the right customer at the right time. YOU WILL  · Identify new opportunities and proactively develop leads within the compliance and risk management functional area of financial institutions. · Lead well-informed and consultative meetings with senior level executives at financial institutions, demonstrating the business value of our products resulting in incremental revenue growth. · Develop and execute strategies to grow a pipeline of deals within a territory, working to grow the organizational revenue of the organization. · Manage qualified opportunities through the stages of the funnel from sell-in to contracting and onboarding, leveraging key stakeholders across the organization to successfully win new business. · Demonstrate exceptional CRM (Salesforce.com, Gong, etc) hygiene to provide up to date and accurate ongoing forecasts · Set initiatives for yourself and with your Business Development Representative that include targeting existing and new financial institutions to create new opportunities · Prepare sales proposals, using independent judgment and discretion to determine services, based on client needs, to highlight for prospective clients during demonstrations · Set and conduct in-person meetings with VP and C-level executives, successfully articulating and communicating solution value, and managing the complete sales cycle.    · Grow revenue within new and existing accounts by identifying sales opportunities and successfully seeing them through the contracting process using your independent judgement and discretion. · Consistently achieve or exceed the target sales projections.    · Demonstrate our core values in how you work (results, collaboration and delivering excellence), contributing to our employer brand as a “best place to work” Requirements YOU BRING · Successful, self-motivated, results and data-driven sales representative, with 5+ years of SaaS sales experience · Excellent verbal and written communication skills, particularly with sales communications with a proven ability to effectively make outbound cold calls to prospects and existing customers. · Persuasive in dynamic situations; actively listening and gaining clarification, responding well to questions in real time and demonstrating exceptional group presentation skills; · Experience selling into or providing services to financial or banking institutions · Experience selling SaaS software solutions · Domain experience with GRC (Governance, Risk and Compliance) software or related fields · Ability to travel as needed · Use of independent judgment and discretion based upon your experience and expertise. · Experience in utilizing salesforce.com (CRM) to track sales progress for deals through the pipeline · Growth experience/ability to be hands-on and use independent judgement in a high-growth software company environment · Experience presenting to C- level executives in a consultative selling approach BONUS POINTS · Bachelors Degree; SaaS, Finance, Economics, or related field preferred · Experience selling software to banks and credit unions with an ASP between $10,000 - $100,000 (ACV) · Experience performing solutions sales cycles leveraging a team sales approach including yourself, your sales manager, & presales subject matter experts. About the Company Ncontracts provides comprehensive vendor, compliance, risk management, and lending compliance solutions to a rapidly expanding customer base of over 4,000 financial institutions in the United States. We help financial institutions achieve their compliance and risk management goals with a powerful combination of user-friendly, cloud-based software and expert services. Our solution suite encompasses the complete lifecycle of risk, including vendor management, enterprise risk management, business continuity, compliance, audit and findings management, and cybersecurity. The company was named to the Inc. 5000 fastest-growing private companies in America for the fifth consecutive year. For more information visit www.ncontracts.com  or follow the company on LinkedIn and Twitter. Apply Now < Prevous Next >

< Back TPRM Mgr Program Management Apply Now Remote Job Type Full Time Organization ACI Worldwide Application Deadline December 28, 2024 About the Role The Mgr, Program Management - TPRM is responsible for implementing and overseeing all program activities related to Third Party Risk Management, and reports to the Director of TPRM, Audit & Assurance and This individual will engage with key stakeholders across ACIs first and second lines of defense to ensure understanding of and adherence to TPRM program requirements, and that risks associated with each third-party engagement are understood, assessed, tracked, and managed. The role will partner with business owners and leaders to evaluate potential and existing third-party suppliers and external strategic partners through the third-party risk management lifecycle, including the planning and assessment, due diligence, onboarding and offboarding. Essential Functions And Responsibilities Leads and executes ACI’s Third Party Risk Management program and framework, including program training, communications, process / program adherence, effective challenge, process improvement, policies and procedures, tools / technology, escalating risk information, reporting and communications to appropriate forums. Responsible for the day-to-day management and delivery of the TPRM program framework, including: Support the planning for third party suppliers, and complete periodic risk assessment and due diligence activities for existing third-party relationships, which may include the distribution of questionnaires and collection and evaluation of responses and supporting documentation. Engagement of second line risk and compliance SMEs as needed for the review of risks and issues arising from third party assessments. Work with business partners on the identification and management of risks related to ACI’s suppliers and external strategic partners. Collaborates with key program stakeholders, business partners and business line risk officers to ensure understanding and compliance with program requirements. Participates as needed in preparation and presentations on the TPRM program for internal and external audits and assessments Develops and delivers on TPRM program priorities and roadmaps; recommends improvements and adjustments to programs and frameworks where appropriate to address evolving needs of ACI and its clients. Collaborates within ACIs horizontal and vertical functions to address third party risk and support needs; consults with business leaders and stakeholders on solutions based on good internal models and advice. Supports the Director of TPRM, Audit & Assurance with Board and Executive Leadership communications and materials. Partners and builds trust with key business partners; is a respected and sought-after resource. Influences the organization to create a more risk and compliance aware culture with respect to third party risks. Peer leader, third party risk subject matter expert, and trusted risk partner; is intellectually curious; learns the business. Provides insight as well as information. Support Crisis Management Team activities that relate to ACI's third parties such as additional review of third parties who have had a security incident or identifying third parties who may be impacted by a security incident. Perform other duties as assigned Understand and adhere to all corporate policies to include but not limited to the ACI Code of Business Conduct and Ethics. Requirements Qualifications (Education, Experience, Knowledge, Skills, And Abilities) Bachelor’s degree or equivalent work experience, preferably in information systems related field of study, Information security Risk Management/Third Party Risk Management, or Compliance. 5+ years experience in related fields, such as Third Party Risk Management, GRC program management, Third party risk management professional certifications, such as CTPRP (Certified Third-Party Risk Professional), CRISC (Certified in Risk & Information Systems Control), CISA (Certified Information Systems Auditor), CRVPM (Certified Regulatory Vendor Program Manager) Strong background including application of advanced third-party risk concepts, practices, and procedures to effectively manage risk to achieve defined outcomes and desired results. Knowledge of related federal, state, and international laws, rules and regulations, DORA, EBA, PCI, GLBA, HIPAA, GDPR, etc. Experience with the development of program policies and standards. Ability to continuously prioritize projects based on risk or impact; thrives in ambiguous environments and can create clarity and structure out of chaos and noise. Skilled negotiator with the ability to lead without direct authority, influence and build consensus across functional teams Ability to set strategy but focus on tactical and detail for execution. Ability to continually assess options to utilize data and automation to assess and improve ACI’s internal control environment. Experience and/or expertise in financial services industry, or payments business strongly preferred. Sharp decision-making skills and an ability to prioritize and execute on multiple activities. Excellent written and oral communication skills. Excels with high levels of discretion, managing and communicating with staff at all organizational levels, from senior management to individual contributors. Demonstrated ability to think strategically and drive change throughout an organization. Ability to resolve complex and diverse technical and management challenges with agility, utilizing critical thinking, communication, and influencing skills. Preferred Qualifications (Education, Experience, Competencies) Ability to design processes and implement continuous improvements to those processes. Experience with Governance Risk and Compliance tools such as Archer, Alyne, or similar strongly preferred. Experience staffing and managing remote teams and within a matrixed environment. About the Company ACI Worldwide, an original innovator in global payments technology, delivers transformative software solutions that power intelligent payments orchestration in real time so banks, billers, and merchants can drive growth, while continuously modernizing their payment infrastructures, simply and securely. With nearly 50 years of trusted payments expertise, we combine our global footprint with a local presence to offer enhanced payment experiences to stay ahead of constantly changing payment challenges and opportunities. In short, we’re helping banks, merchants and billers capture rising real-time opportunities and volumes, all to meet the shifting needs of their consumers and business customers. Apply Now < Prevous Next >

< Back Sr. Manager, Vendor Management Apply Now Remote Job Type Full Time Organization ISACA Application Deadline December 21, 2024 About the Role Overview ISACA is seeking a dynamic Senior Manager, Vendor Management, to develop and manage a world class vendor management process by leading the procurement strategy, operations, and team for ISACA. This involves all aspects of procurement for our organization and its affiliated entities. This includes evaluating potential suppliers (vendor evaluation), negotiating pricing and other terms with vendors and suppliers, vendor relationship management, vendor quality control, and ensuring compliance with regulatory standards. Responsibilities Direct contact between the organization and vendors. Identifies and researches potential new vendors, products, and services to meet the goals of the organization. Negotiates contracts, terms, conditions and deadlines with vendors and suppliers. Works closely with the ISACA Legal team to ensure contract terms are favorable to the company. Attends meetings and calls with internal stakeholders, vendors, and suppliers. Works with Executive Leadership Team to determine product and services, future growth and development initiatives. Monitors business trends and product availability analyzing spend, cost, quality and delivery times. Build and manage strong relationships with vendors and negotiate pricing. Identifies and researches potential new vendors as well as new products and services to meet the goals of the organization and the vertical lines of business. Assesses total costs of organizational purchases. Develops and implements strategies for procuring products and services for internal customers. Process purchase requisitions and purchase orders for vendor and supplier payments. Develop policies and standardized processes for vendor management, including procurement, contracting, monitoring, and offboarding. Determine areas for streamlining business operation improvements/cost savings. Other duties as directed by the CFO to assist with the implementation of purchasing policies, processes, and guidelines. Supervisory responsibility Hire, develop and lead teams. Set goals and strategic direction for the department, ensuring alignment with broader business goals and vision. Monitoring employee productivity, providing constructive feedback and coaching Requirements Qualifications Required Field of Study: Bachelor’s in Business administration or related field Minimum Years Of Experience Required 5+ years experience in vendor management 5+ years proven supervisory experience Description Of Minimum Experience Required Experience building and executing against new and often innovative strategies that directly connect key initiatives to measurable business outcomes. Progressive people management, with a proven track record of building and developing high-performing teams. Preferred Field Of Study Masters in Purchasing management, logistics, supply chain management, or related field Preferred Years Of Experience 7+ years experience in vendor management 7+ years proven supervisory experience Description Of Preferred Experience Experience building and executing against new and often innovative strategies that directly connect key initiatives to measurable business outcomes. Progressive people management, with a proven track record of building and developing high-performing teams. Prior work experience within a not-for-profit organization Certification And Licensing Certification from the Next Level Purchasing Association or the Universal Public Procurement Certification Council (Preferred) Competencies/Skills Required Microsoft Office Suite Working knowledge of the industry and market conditions Strong understanding of procurement and negotiation techniques Excellent verbal and written communication skills Strong negotiation and conflict resolution skills About the Company ISACA is a global professional association and learning organization that leverages the expertise of its 180,000+ members who work in digital trust fields such as information security, governance, assurance, risk, privacy and quality. It has a presence in 188 countries, including 225 chapters worldwide. Through the ISACA Foundation, ISACA supports IT education and career pathways for underresourced and underrepresented populations. Apply Now < Prevous Next >

< Back INDUSTRY ROUNDTABLE Q4 Industry Roundtable: Insurance (All Industries) Monday, November 3, 2025 Date Monday, November 3, 2025 Time 10:00 - 11:00 AM CT Intended Audience TPRA Practitioner Members in the Insurance Sector (Across All Industries) Duration 60 minutes CPE Credits 0 Fee Free Register Event Description Expand your horizons with this cross-industry roundtable designed for TPRM professionals in insurance and related fields. Facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA, these quarterly discussions tackle shared challenges across industries—from compliance hurdles to vendor transparency. Participant-led agendas foster diverse insights and collaborative problem-solving, making this event an invaluable forum for all practitioners. SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each quarter by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings Industry Roundtables (previously called Special Interest Calls) are industry-specific meetings where the agendas are set each quarter by its participants and facilitated by community members. Any TPRA Practitioner Member belonging to the industry noted above may join the calls. Who Should Attend All TPRA Practitioner Members in the related industry are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.