Fresenius Medical Care Logo

Fresenius Medical Care

Senior Manager, IT Third-Party Risk Management (TPRM)

Reposted 2 Days Ago
In-Office or Remote
Hiring Remotely in Australia
Senior level
In-Office or Remote
Hiring Remotely in Australia
Senior level
The Senior Manager of IT Third-Party Risk Management oversees the third-party risk program, enhances governance, streamlines processes, and collaborates with cross-functional teams to manage risks effectively across vendors.
The summary above was generated by AI

Hybrid - Upon agreement between you and your supervisor, you are entitled to a flexible arrangement where you will be able to split your time between working from the office and working remotely.

The Senior Manager, IT Third-Party Risk Management (TPRM) leads the day-to-day execution and ongoing maturity of the organization’s third-party risk program. This role is accountable for strengthening governance, streamlining process, automating workflows, and enabling leaders to make risk-informed decisions through effective TPRM tooling, dashboards, and reporting. The Senior Manager partners closely with stakeholders across Information Technology Solutions (ITS), Cybersecurity & Privacy Solutions (CPS), Procurement, Legal, Compliance, and business personnel, to ensure third-party risk is understood, managed, and monitored across the third-party lifecycle—from intake and due diligence through contracting, onboarding, continuous monitoring, and offboarding.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

Provide leadership of short- and long-term goals for IT Third-Party Risk Management.  Lead the effort to foster an environment of customer service, continuous improvement and consistent execution.

Program Leadership and Maturity

  • Drive the TPRM maturity roadmap, including improvements to governance, policies/standards, workflow design, tiering methodology, and lifecycle processes

  • Establish and maintain program operating cadence (e.g., monthly risk reviews, KPI/KRI reporting, issue remediation tracking, and executive readouts)

  • Identify gaps and implement enhancements to ensure program scalability, consistency, auditability, and alignment with regulatory/industry practices

  • Develop and maintain standard operating procedures, job aids, and training materials to ensure consistent execution

Stakeholder and Management Interaction

  • Serve as a trusted advisor to business owners, translating third-party risk into clear decision options

  • Facilitate risk discussions, challenge risk assumptions appropriately, and ensure documented risk decisions, and approvals align to governance and are documented

  • Partner with procurement to embed risk requirements into intake, sourcing, and ongoing vendor management

  • Collaborate with Legal, CPS, and Compliance to ensure contract provisions, control expectations, and due diligence are aligned and enforceable

TPRM Tooling, Automation and Decision Enablement

  • Own management and optimization of the organization’s TPRM technology platform

  • Design, configure, and enhance process workflows

  • Develop dashboards and reporting for leaders: portfolio risk views, assessment status, SLA adherence, open issues, concentration risk, critical vendor oversight, and periodic vendor reassessment

  • Improve data quality and establish a single source of truth for third-party risk inventory, risk ratings, and decision history

  • Define and track KPIs/KRIs (cycle time, backlog, critical findings aging, remediation performance, override rates, risk acceptance trends)

Third-Party Risk Assessments and Lifecycle Management

  • Oversee third-party risk assessments, including inherent risk tiering

  • Ensure assessment scope are appropriate for vendor criticality, data sensitivity, and service impact

  • Drive effective issue management and remediation tracking, including escalation paths for overdue or high-risk items

  • Maintain processes for periodic reassessments and continuous monitoring of high-risk/critical vendors

People Leadership

  • Lead, coach, and develop a team of TPRM professionals

  • Set performance expectations, ensure workload prioritization, and build a culture of continuous improvement and strong business partnership.

EDUCATION:

Required Qualifications

  • Bachelor’s degree or equivalent practical experience

  • 8+ years of experience in third-party risk management, technology risk, operational risk, compliance, or related disciplines

  • 3+ years of experience leading programs and/or teams, influencing cross-functional stakeholders, and driving process maturity

  • Proven experience implementing or optimizing TPRM programs and establishing a culture of continuous improvement

  • Proven experience implementing or optimizing TPRM/GRC tools to improve workflow automation, data quality, and reporting

  • Strong ability to translate risk into decision-ready recommendations for leaders and to facilitate risk acceptance discussions

  • Demonstrated knowledge of third-party lifecycle practices: due diligence, control validation, contracting requirements, monitoring, and remediation

Preferred Qualifications

  • Experience in regulated industries (financial services, healthcare, insurance, or similar)

  • Familiarity with relevant frameworks and expectations (e.g., NIST, ISO 27001, SOC reports, shared responsibility models, vendor oversight guidance)

  • Certifications such as CISA, CRISC, CISSP, CISM, or equivalent

  • Experience integrating continuous monitoring signals (security ratings, threat intelligence, incident notifications) into a TPRM operating model

Similar Jobs

10 Minutes Ago
Easy Apply
Remote or Hybrid
Easy Apply
Mid level
Mid level
Greentech • Hardware • Healthtech • Internet of Things
Own territory growth by prospecting, closing new business, and expanding existing accounts through Office Coffee Service (OCS) partners. Build partner relationships, co-sell, run local sales blitzes, lead demos and events, track pipeline and performance in Salesforce, analyze data to prioritize opportunities, and create strategic account plans to drive bookings, retention, and product adoption.
Top Skills: Salesforce
3 Hours Ago
Easy Apply
Remote or Hybrid
Easy Apply
Senior level
Senior level
Cloud • Information Technology • Security • Software • Cybersecurity
The Sales Account Executive will build relationships with stakeholders, create account strategies, and act as a trusted advisor to clients while driving cloud security solutions.
Top Skills: AICloud Security
3 Hours Ago
Easy Apply
Remote
Easy Apply
Senior level
Senior level
Big Data • Fintech • Mobile • Payments • Financial Services
Lead strategy, design, governance, and execution of executive compensation programs. Partner with senior leaders and cross-functional teams to align pay with business priorities, analyze market trends, manage tools and processes, prepare materials for Board/Compensation Committee, and communicate compensation programs to leaders and employees.
Top Skills: Claude CodeExcelSigma ComputingSnowflake

What you need to know about the Melbourne Tech Scene

Home to 650 biotech companies, 10 major research institutes and nine universities, Melbourne is among one of the top cities for biotech. In fact, some of the greatest medical advancements were conceptualized and developed here, including Symex Lab's "lab-on-a-chip" solution that monitors hormones to predict ovulation for conception, and Denteric's vaccine for periodontal gum disease. Yet, the thousands of people working in the city's healthtech sector are just getting started, to say nothing of the tech advancements across all other sectors.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account