Search Results

< Back WORK GROUP Service Provider Advisory Council Thursday, September 18, 2025 Date Thursday, September 18, 2025 Time 1:00 - 2:00 PM CT Intended Audience TPRA Vendor Members Duration 60 minutes CPE Credits 0 Fee Free Register Event Description The Service Provider Advisory Council is a dedicated monthly forum for service providers in the third-party risk management (TPRM) space to collaborate, share insights, and provide strategic guidance. This council brings together industry leaders and innovators to discuss emerging trends, challenges, and opportunities impacting the TPRM ecosystem. Show More SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each month by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings The Service Provider Advisory Council is a dedicated monthly forum for service providers in the third-party risk management (TPRM) space to collaborate, share insights, and provide strategic guidance. This council brings together industry leaders and innovators to discuss emerging trends, challenges, and opportunities impacting the TPRM ecosystem. Who Should Attend All TPRA Vendor Members are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back Operational Risk Specialist III (AVP), Vendor Risk Apply Now Hybrid Job Type Full-Time Organization Eastern Bank Application Deadline December 31, 2024 About the Role The primary responsibilities of the AVP Vendor Risk Analyst are to support the monitoring and reporting requirements of Eastern’s Third Party Risk Management and New Initiative programs. This incumbent will report directly to the VP, Third-Party Risk Manager. This role will provide support to the first line of defense across all five (5) life-cycle phases (Risk Assessment, Due Diligence, Contracting, Oversight and Termination), assisting all with understanding and complying with Bank's TPRM regulatory requirements. A successful candidate will ensure risks introduced by the business units through the Third-Party Risk Management and New Initiative programs are effectively identified, assessed, mitigated, and reported within the Bank. The role will support continuous improvement of the Third Party and New Initiative risk management frameworks, tools, policies, and procedures to ensure the bank is complying with relevant regulations and guidance. Assist in the inventory management and tracking of all third-party relationships across the Bank and ensuring the accuracy of the risk management system. Help define program criteria and train business units on the third-party life cycle. This includes contracting, monitoring vendor performance, and enforcing appropriate vendor management tools to ensure high quality services and contractual commitments are received throughout the duration of the engagement. Maintain/enhance tools for use in vendor management, including vendor tracking, analytics, and performance management tools. Handle escalation issues with vendors and works with other business units to manage and proactively work to identify, resolve issues, and develop solutions. This includes findings management in the GRC tool. Monitor negative media events and vendor industry developments. Actively remain current with industry standards, regulatory guidance, trends, competitive intelligence on vendor management best practices and provide recommendations accordingly. Ensure risk assessments are completed for all new vendors and review for reasonableness. Execute and oversees annual third-party vendor risk assessments and monitoring and coordinates with all business unit vendor owners to ensure review completion. Supports execution an analysis of annual third-party SOX/SOC reviews and provides effective challenge. Ensure policy standards and regulatory requirements for associated programs are adhered to and make recommendations for policy updates based upon regulatory guidance and corporate standards. Assist with internal auditors and external examiners to support risk related audits and examinations. Attend & participate in third-party and new initiative meetings. Manages the Engagement and New Initiative modules of the Bank’s GRC tool. Supports providing effective challenge on New Initiatives and ensuring program requirements and stakeholder feedback is addressed prior to launch Requirements PROBLEM SOLVING & DECISION MAKING : The AVP Vendor Risk Analyst plays a supportive role in making critical decisions that impact the Third Party and New Initiative Risk Management frameworks. This position requires a high level of problem-solving skills and the ability to analyze complex risk issues to develop effective solutions. The AVP Vendor Risk Analyst will need to work both independently and in collaborative environments and will require strong organizational and communication skills. The AVP Vendor Risk Analyst will work closely with management and collaborate with various stakeholders to establish and advance the risk frameworks and standards, ensuring alignment with industry best practices, and bank’s overall objectives. The decisions made by the AVP Vendor Risk Analyst directly impact the implementation of risk management initiatives and drives a risk focused culture within the organization. The role will require analysis and reporting on risk assessments to inform internal and external stakeholders. Program responsibilities are visible to management and the regulators. Education and Experience Bachelor's Degree or equivalent experience. Advanced degree is a plus. 3-5 years of proven experience in risk management, internal audit, bank operations, or banking industry, or other related risk or control function Strong foundation in Third Party Risk Management a plus Skills/Knowledge Ability to apply risk management concepts to a business setting. Strong analytical and problem-solving skills, with the ability to analyze complex risk management issues, provide effective solutions, strategic risk insights, lead change, and escalate significant concerns to their manager. Effective communication and interpersonal skills to collaborate with stakeholders at all levels of the bank and convey complex concepts to diverse audiences. Ability to lead and influence cross-functional teams and drive change management initiatives within a midsize bank setting. Detail-oriented with excellent organizational and project management skills. Proficient Microsoft Office and knowledge of GRC Systems (e.g., Archer) Effective written and oral communication About the Company At Eastern Bank, we pride ourselves on supporting our employees by offering tremendous opportunity for individual growth. As an inclusive company, we work to ensure that our valued employees are treated fairly, recognized for their individuality, and encouraged to reach their fullest potential. These values have earned us a reputation as a great place to work and provide a strong reason why you should consider a career with us. We are proud to offer comprehensive compensation plans and a benefits program called Total Rewards that includes medical, dental, vision, life and disability insurance, retirement, vacation and tuition reimbursement. Eastern Bank is an Equal Opportunity Employer of women, people of color, LGBTQIA+, religion, national origin, citizenship, neurodivergence, age, Veterans, individuals with disabilities, or any other characteristic protected by law. At Eastern Bank, we are dedicated to building a diverse, equitable, inclusive and authentic workplace. If you’re excited about this role but your experience doesn’t fully align with every qualification, we still encourage you to apply! You may be just the right candidate for this position or others across the company. Our Recruitment team is waiting to chat with YOU. Apply Now < Prevous Next >

< Back WORK GROUP Service Provider Advisory Council Thursday, April 17, 2025 Date Thursday, April 17, 2025 Time 1:00 - 2:00 PM CT Intended Audience TPRA Vendor Members Duration 60 minutes CPE Credits 0 Fee Free Register Event Description The Service Provider Advisory Council is a dedicated monthly forum for service providers in the third-party risk management (TPRM) space to collaborate, share insights, and provide strategic guidance. This council brings together industry leaders and innovators to discuss emerging trends, challenges, and opportunities impacting the TPRM ecosystem. Show More SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each month by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings The Service Provider Advisory Council is a dedicated monthly forum for service providers in the third-party risk management (TPRM) space to collaborate, share insights, and provide strategic guidance. This council brings together industry leaders and innovators to discuss emerging trends, challenges, and opportunities impacting the TPRM ecosystem. Who Should Attend All TPRA Vendor Members are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back TPRM Auditor Apply Now India (Remote) Job Type Full Time Organization VISO TRUST Application Deadline December 18, 2024 About the Role Key Responsibilities Analyzing security program related language and documents, recording text annotations for the training of machine learning models and ensuring quality assurance on the conclusions drawn by automated assessments Conducting domestic and global third party risk assessments including coordinating intake of new third parties and new engagements, third party security reviews, interacting with internal and external stakeholders, reporting on assessment outcomes and tracking remediation efforts Working closely with Product, Engineering, Customer Success and Machine Learning teams to contribute to automation logic and model training and ensure the success of reviews performed on the platform Apply VISO TRUST methodology to to evaluate control presence and determine risk Document assessment procedures for subsequent automation Review business and technical assessments, questionnaires and related documentation Schedule and conduct review calls with third parties: ensure and track questionnaires sent to third parties, track and report on abandoned third parties, receive and review questionnaires responses and finalize reports Coordinate other due diligence that needs to be done in addition to security questionnaire when needed Collaborate with VISO Audit, Product, Engineering and Machine Learning personnel to develop continued program process and platform improvements Report on assessment outcomes, risk levels, and remediation progress Requirements Key Skills, Qualifications & Experience Strong analytical/critical thinking skills Excellent written, verbal communication and organizational skills Ability to perform policy and standard gap analyses based on leading security frameworks Knowledge of common control and policy taxonomies and hierarchies and related language Knowledge of common third party assurance related documents, their structure and analysis, such as AICPA SOC reports, PCI DSS ROC, HiTrust, ISO 27001 Statements of Applicability, etc. Deep knowledge and experience with regard to the VISO TRUST technology platform and it’s unique approach to text extraction and automated risk determination Bachelor’s degree with a major in Information Security or equivalent combination of education and experience, ie. CISSP, CISA, CIPP, CRISC, CEH, and/or CISM 3-5 years of experience with third party cyber risk management Have performed IT risk assessments against OWASP, PCI, GLBA, NIST, ISO, SIG/AUP or other standards Strong knowledge base in information security, risk management, privacy, operations, enterprise networking, systems evaluation, and architecture Ability to discern business relevant risk associated with technology control deficiencies, and to identify the corresponding remediation which is required to mitigate the business impact Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary. Knowledge of security, risk and privacy regulatory frameworks such as NIST, SOX, PCI, HIPAA, ISO, Safe Harbor, CSA, etc. Self-starter who can function independently with limited direction but work closely with others when necessary About the Company A rationalized vendor security due diligence platform. VISO TRUST puts reliable, comprehensive, actionable vendor security information directly in the hands of decision-makers who need to make informed risk assessments. Apply Now < Prevous Next >

< Back TPRM, Analyst Apply Now Sioux Falls, SD (Onsite) Job Type Full TIme Organization BitGo Application Deadline December 19, 2024 About the Role Responsibilities: Contribute to the functioning and optimization of BitGo’s full cycle Third-Party Risk Management/Procurement Program Serve as the lead point of contact for third party vendors/suppliers for BitGo while monitoring their performance Enhance and distribute due diligence forms for our suppliers/vendors to complete as part of their onboarding process Work cross-functionally with all corresponding departments (Compliance, Legal Ops.,Info. Security, Finance, etc.) to ensure their corresponding vendors are up to par/compliant with applicable laws and regulations Support the Strategic Sourcing/Procurement Lead for any new vendor/supplier needs Maintain a regimented/consistent sourcing process that can serve as an internal guide for all newly selected vendors/suppliers moving forward Maintain a proper documentation system for Third Party Risk Mgmt./Procurement Develop a strong understanding of all service offerings at BitGo (custody, prime brokerage, portfolio/tax solutions) Exemplify a willingness to take on additional responsibilities as needed Requirements BitGo is looking for people who are passionate about their craft, take full ownership for their work and projects, and believe in a transparent and collaborative culture with the goal of making BitGo successful. 2+ years of relevant Third Party Risk Mgmt./Procurement experience Knowledge of risk management and control frameworks (e.g. COSO, ISO 31000, AICPA SOC) Knowledge of information security and privacy standards and regulations (e.g., ISO 27001/27701, NIST, FFIEC, CCPA, EU GDPR) Experience with GRC systems and automation tools for managing business datasets High attention to detail, accuracy, and thoroughness. Strong problem-solving, investigative, and analytical skills, with aptitude for discriminating between useful and less useful details Ability to work independently and manage through ambiguous situations, with minimal supervision High level of commitment to quality work product and organizational ethics, integrity, and compliance Ability to interface with top management. Strong interpersonal skills and the ability to effectively communicate, both written and verbally A college degree in business, public policy, or a technical field. (BA/BS) You are knowledgeable and enthusiastic about blockchain technology and cryptocurrencies About the Company BitGo is the leading infrastructure provider of digital asset solutions, offering custody, wallets, staking, trading, financing and settlement out of regulated cold storage. Founded in 2013, BitGo is the first digital asset company to focus exclusively on serving institutional clients.BitGo is dedicated to advancing a digital financial services economy that is borderless and accessible 24/7. With multiple Trust companies around the world, BitGo is the preferred security and operational backbone for more than 1,500 institutional clients in 50 countries, including many of the world’s top brands, cryptocurrency exchanges and platforms. BitGo also secures approximately 20% of all on-chain Bitcoin transactions by value and is the largest independent digital asset custodian. For more information, please visit www.bitgo.com . BitGo is looking to hire an Analyst / Sr. Analyst to focus on Third-Party Risk Management/Procurement reporting to the Global TPRM Manager. This is a great opportunity to occupy a highly collaborative/cross-functional role where you’ll be able to apply your expertise within the aforementioned categories of enterprise risk management. Apply Now < Prevous Next >

< Back INDUSTRY ROUNDTABLE Q2 Industry Roundtable: Insurance (All Industries) Tuesday, May 13, 2025 Date Tuesday, May 13, 2025 Time 10:00 - 11:00 AM CT Intended Audience TPRA Practitioner Members in the Insurance Sector (Across All Industries) Duration 60 minutes CPE Credits 0 Fee Free Register Event Description Expand your horizons with this cross-industry roundtable designed for TPRM professionals in insurance and related fields. Facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA, these quarterly discussions tackle shared challenges across industries—from compliance hurdles to vendor transparency. Participant-led agendas foster diverse insights and collaborative problem-solving, making this event an invaluable forum for all practitioners. SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each quarter by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings Industry Roundtables (previously called Special Interest Calls) are industry-specific meetings where the agendas are set each quarter by its participants and facilitated by community members. Any TPRA Practitioner Member belonging to the industry noted above may join the calls. Who Should Attend All TPRA Practitioner Members in the related industry are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back WORK GROUP Service Provider Advisory Council Thursday, August 21, 2025 Date Thursday, August 21, 2025 Time 1:00 - 2:00 PM CT Intended Audience TPRA Vendor Members Duration 60 minutes CPE Credits 0 Fee Free Register Event Description The Service Provider Advisory Council is a dedicated monthly forum for service providers in the third-party risk management (TPRM) space to collaborate, share insights, and provide strategic guidance. This council brings together industry leaders and innovators to discuss emerging trends, challenges, and opportunities impacting the TPRM ecosystem. Show More SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each month by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings The Service Provider Advisory Council is a dedicated monthly forum for service providers in the third-party risk management (TPRM) space to collaborate, share insights, and provide strategic guidance. This council brings together industry leaders and innovators to discuss emerging trends, challenges, and opportunities impacting the TPRM ecosystem. Who Should Attend All TPRA Vendor Members are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back INDUSTRY CALL Q3 Industry Roundtable: Financial Institutions Monday, July 14, 2025 Date Monday, July 14, 2025 Time 1:00 - 2:00 PM CT Intended Audience TPRA Practitioner Members in the Finance Sector (including FinTech) Duration 60 minutes CPE Credits 0 Fee Free Register Event Description Delve into the unique complexities of third-party risk management within the financial sector at this interactive roundtable. Facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA, this quarterly gathering invites financial professionals to collaborate, share cutting-edge strategies, and address emerging industry risks. With agendas shaped by participants, each session delivers highly relevant insights to tackle the ever-evolving challenges of the financial world. SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each quarter by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings Industry Roundtables (previously called Special Interest Calls) are industry-specific meetings where the agendas are set each quarter by its participants and facilitated by community members. Any TPRA Practitioner Member belonging to the industry noted above may join the calls. Who Should Attend All TPRA Practitioner Members in the related industry are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back INDUSTRY CALL Q4 Industry Roundtable: Financial Institutions Monday, October 6, 2025 Date Monday, October 6, 2025 Time 1:00 - 2:00 PM CT Intended Audience TPRA Practitioner Members in the Finance Sector (including FinTech) Duration 60 minutes CPE Credits 0 Fee Free Register Event Description Delve into the unique complexities of third-party risk management within the financial sector at this interactive roundtable. Facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA, this quarterly gathering invites financial professionals to collaborate, share cutting-edge strategies, and address emerging industry risks. With agendas shaped by participants, each session delivers highly relevant insights to tackle the ever-evolving challenges of the financial world. SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each quarter by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings Industry Roundtables (previously called Special Interest Calls) are industry-specific meetings where the agendas are set each quarter by its participants and facilitated by community members. Any TPRA Practitioner Member belonging to the industry noted above may join the calls. Who Should Attend All TPRA Practitioner Members in the related industry are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back INDUSTRY CALL Q2 Industry Roundtable: Financial Institutions Monday, April 14, 2025 Date Monday, April 14, 2025 Time 1:00 - 2:00 PM CT Intended Audience TPRA Practitioner Members in the Finance Sector (including FinTech) Duration 60 minutes CPE Credits 0 Fee Free Register Event Description Delve into the unique complexities of third-party risk management within the financial sector at this interactive roundtable. Facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA, this quarterly gathering invites financial professionals to collaborate, share cutting-edge strategies, and address emerging industry risks. With agendas shaped by participants, each session delivers highly relevant insights to tackle the ever-evolving challenges of the financial world. SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each quarter by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings Industry Roundtables (previously called Special Interest Calls) are industry-specific meetings where the agendas are set each quarter by its participants and facilitated by community members. Any TPRA Practitioner Member belonging to the industry noted above may join the calls. Who Should Attend All TPRA Practitioner Members in the related industry are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back INDUSTRY CALL Q1 Industry Roundtable: Financial Institutions Monday, January 27, 2025 Date Monday, January 27, 2025 Time 1:00 - 2:00 PM CT Intended Audience TPRA Practitioner Members in the Finance Sector (including FinTech) Duration 60 minutes CPE Credits 0 Fee Free Register Event Description Delve into the unique complexities of third-party risk management within the financial sector at this interactive roundtable. Facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA, this quarterly gathering invites financial professionals to collaborate, share cutting-edge strategies, and address emerging industry risks. With agendas shaped by participants, each session delivers highly relevant insights to tackle the ever-evolving challenges of the financial world. SPEAKER(S) INFORMATION CPE CREDIT These meetings are roundtables with topics chosen each quarter by attendees and participants, facilitated by Julie Gaiaschi, CEO & Co-Founder of TPRA. About These Meetings Industry Roundtables (previously called Special Interest Calls) are industry-specific meetings where the agendas are set each quarter by its participants and facilitated by community members. Any TPRA Practitioner Member belonging to the industry noted above may join the calls. Who Should Attend All TPRA Practitioner Members in the related industry are invited to these events. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

< Back Field Sales Director, Third Party RIsk Solutions (NY Market) Apply Now Remote Job Type Full Time Organization SecurityScorecard Application Deadline November 30, 2024 About the Role Client Relationship Management: Build and maintain deep relationships with key decision-makers in the supply chain and defense sectors, understanding their security challenges and requirements. Sales Execution: Drive revenue growth through a consultative sales approach, identifying client needs, presenting SecurityScorecard solutions, and closing business. Supply Chain Risk Management Expertise: Utilize in-depth knowledge of supply chain vulnerabilities and the cyber defense landscape to tailor security solutions for clients. Cross-Functional Collaboration: Work closely with internal teams such as Customer Success, Solutions Architects, and Engineering to ensure a seamless client experience and ongoing support. Market Expansion: Actively pursue new business opportunities and drive account expansion within targeted industries, focusing on supply chain and defense markets. Client Education: Present thought leadership on supply chain defense and cybersecurity to educate clients and position SecurityScorecard as a trusted partner in securing their supply chains. Pipeline Management: Track and manage sales pipelines, ensuring timely follow-up, accurate forecasting, and goal attainment. Requirements Experience: 5+ years of experience in client-facing roles within the cybersecurity industry, preferably with a focus on supply chain defense or enterprise risk management. Knowledge: Strong understanding of supply chain security threats, third-party risk management, and cyber defense strategies. Sales Acumen: Proven track record of driving sales and achieving quotas, with a consultative selling approach. Communication Skills: Exceptional verbal and written communication skills with the ability to articulate complex cybersecurity concepts to diverse audiences. Collaboration: Strong team player with the ability to work effectively across departments to meet client needs and company objectives. Technical Knowledge: Familiarity with cybersecurity frameworks, standards, and tools, including security ratings platforms and risk assessment methodologies. Education: Bachelor's degree in a relevant field (e.g., Cybersecurity, Business, or Information Technology) preferred; relevant certifications (CISSP, CISM, etc.) are a plus. About the Company Funded by world-class investors, including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings, response, and resilience, with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard makes the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees, and vendors. SecurityScorecard is listed as a free cyber tool and service by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Every organization has the universal right to its trusted and transparent Instant SecurityScorecard rating Apply Now < Prevous Next >