Third Party Governance Manager - #941568

DocuSign


Date: 1 week ago
City: Bengaluru, Karnataka
Contract type: Full time

  • The Third Party Governance Manager is responsible for conducting vendor risk assessments and remediation activities while contributing to strategic initiatives to enhance, scale, and mature the global third party governance program for DocuSign
  • This hands-on position will mature relationships with internal and external partners globally to represent the team and communicate/report third party risks including risk mitigation strategies
  • This position is an individual contributor role reporting to the Director, Security Compliance and Third Party Governance

Responsibility

  • Conduct and maintain a consistent approach to vendor risk assessments, reassessments, and mature processes to scale the global program
  • Conduct vendor performance monitoring to identify issues and work with third parties and DocuSign stakeholders to track the risk remediations through closure
  • Manage third parties continuous monitoring activities and align with other Security functions to protect DocuSign
  • Manage tool operational activities and build team playbook documentations
  • Implement day to day operations and periodic reviews and maintenance of DocuSign Third Party Governance program lifecycle within a vendor management tool and/or GRC tool
  • Develop and improve risk assessment processes to effectively manage and mitigate risk
  • Lead cross functional meetings with business owners and/or third parties with minimal manager supervision
  • Develop and maintain strong relationships based on trust and transparency with primary business stakeholders and third party contacts.
  • Establish governance across projects with structure on tracking and reporting. Develop metrics to measure and track compliance, risk and the efficiency of the program
  • Document and discuss the third party governance program security practices to provide transparency to business stakeholders and vendor contacts

Basic

  • Self-starter with superb communication, collaborative, and presentation skills
  • Minimum of 5 years of relevant experience in computer science, information security risk management, or a related domain
  • Minimum of 3 years of relevant experience working in third party risk management
  • Experience with a vendor management tool and/or GRC tool
  • Working experience interpreting third party reports and certifications and relevance of controls and control strength (SSAE16, ISO27001, NIST, PCI, SIG, CSA, HIPAA, HITRUST, FedRamp)
  • One or more of these certifications: CISSP, CISM, CTPRP, CISA, CIPT, CompTIA Security+, AWS/Azure Security
  • Experience with risks as they'relate to security systems, including firewalls, ports, anti-virus software, authentication systems (SAML, SSO, MFA), log management, penetration testing and code review techniques, web related technologies and protocols and third party integrations and secure data sharing over various different mediums (API connections, SFTP etc)
  • Experience with privacy regulations (GDPR, CCPA, LGPD) and how they'relate to third parties

Preferred

  • Independently driven, resourceful, and able to deliver results with minimal oversight; Good sense of ownership, urgency, and drive
  • Good eye for business with the ability to engage with technical teams to present assessment results, risks and to participate in discussions about acceptable and compensating controls
  • Technical acumen and experience with a vendor management tool and/or GRC tool
  • Experience working hands-on with cross-functional teams legal, procurement, strategy teams, information security, business continuity, privacy experts, and engineering in assessing processes, risks and controls
  • Experience with cloud computing concepts and security industry standards and frameworks (NIST, ISO, PCI, SIG, CSA, HIPAA, HITRUST)
  • Experience with non-security related risk (business, financial/credit, legal compliance (OFAC, ABAC)

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a CV

Similar Jobs

Pre-sales / Proposals Engineer

Utthunga Technologies Pvt. Ltd., Bengaluru, Karnataka
12 hours ago
Job DescriptionSeeking an experienced Pre-sales and Proposal Engineer with 6-8 years of experience. The ideal candidate will play a crucial role in understanding and articulating our IT infrastructure, IT Enterprise applications and data solutions.with a primary focus on a 70% emphasis on IT Enterprise apps and data, and a 30% emphasis on Cloud/Infrastructure. The Presales and Proposal Engineer will collaborate...

CPU Design Verification Engineer, Google Cloud

Google, Bengaluru, Karnataka
19 hours ago
Minimum qualifications:Bachelor's degree in Electrical Engineering or equivalent practical experience.3 years of experience creating and using verification components and environments in standard verification methodology.Experience verifying digital logic at RTL level using SystemVerilog or Specman/E for Field Programmable Gate Arrays or ASICs. Experience verifying digital systems using standard IP components/interconnects (e.g., microprocessor cores, etc.).Experience in scripting using Python, Perl, or shell...

Cyber Security Lead Engineer

BorgWarner Inc., Bengaluru, Karnataka
20 hours ago
Basic Qualifications.7+ years of experience in a product cybersecurity position or 10+ years in an embedded systems/software competency with a strong interest in cybersecurityKnowledge of Automotive cybersecurity standards are strongly advised.. Responsible to carry our risk assessment (TARA) on ECU's and associatedfunctions/featureMajor Job Responsibilities:Being passionate and forward-thinking about cybersecurity and the needs for the ever-changing automotive industry.Plans and implements the...