
Manager - Cybersecurity Third Party Risk

Job in Virginia, St. Louis County, Minnesota, 55792, USA
Listing for: 101 Sentara Hospitals
Full Time position
Listed on 2026-06-20
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 116729 - 216778 USD Yearly
Job Description & How to Apply Below

Overview

As a Cyber Security Third-Party Risk Manager, you will play a critical role developing, enhancing and executing the third-party risk management program including onboarding, maintenance and ongoing monitoring, and offboarding of third-party suppliers. Your primary responsibilities will include identifying and categorizing third party vendors based on risk, understanding and prioritizing the risks, establishing and enforcing key controls to mitigate the risk, performing continuous monitoring that tracks and reassesses third parties, and ensuring third party contractual compliance with Sentara policy and standards.

You will also be responsible for negotiating and maintaining the information security exhibit with the vendors through the contracting process.

Key Responsibilities
  • Regularly interact with all levels of management to present and discuss third-party risk management.
  • Conduct comprehensive risk assessments of third-party vendors based on risk.
  • Manage a team of assessors performing vendor assessments and vendor contract negotiations.
  • Analyze and prioritize risks based on their potential impact on the organization’s operations, data, and reputation.
  • Develop and streamline the third-party risk management process.
  • Identify and assess vulnerabilities within vendor systems, networks, and applications.
  • Collaborate with cross‑functional teams, including IT, security, and compliance, to develop and implement risk mitigation strategies.
  • Prepare detailed third-party risk assessment reports, including findings, recommendations, and mitigation plans, for presentation to management.
  • Maintain accurate and up-to‑date documentation of third‑party risk assessment activities, findings, and risk treatment plans.
  • Assist in audits and assessments to demonstrate compliance with cybersecurity standards.
Education & Qualifications
  • Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (preferred)
  • Experience in lieu of Bachelor's Degree – 7+ years of experience in cybersecurity, with at least 3 years in risk management.
  • Required: 5+ years of experience in cybersecurity, with at least 3 years in risk management with a degree.
  • Required: 7+ years of experience in cybersecurity, with at least 3 years in risk management without a degree.
  • Strong understanding of cybersecurity principles, risk assessment methodologies, and threat landscape analysis.
  • 3 years’ experience managing a third‑party risk management program and team.
  • Proficiency in performing third‑party risk assessments and negotiating contractual security language.
  • Knowledge of regulatory compliance requirements and industry standards.
  • Excellent analytical and problem‑solving skills.
  • Effective communication and interpersonal abilities to collaborate with multidisciplinary teams.
  • Experience in healthcare or other highly regulated industries preferred.
  • Deep understanding of cybersecurity frameworks (NIST CSF, NIST 800‑53, ISO 27001, HITRUST).
  • Knowledge of healthcare regulations (HIPAA, HITECH) and their technical requirements.
  • Familiarity with risk assessment methodologies and tools.
  • Understanding of security technologies, controls, and best practices.
  • Experience with GRC platforms such as ServiceNow, OneTrust.
Certifications (Preferred)
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
Compensation

The base pay rate for full‑time employment is $ – $. Additional compensation may be available such as shift differentials, standby/on‑call, overtime, premiums, extra shift incentives, or bonus opportunities.

Benefits
  • Medical, Dental, Vision plans
  • Adoption, Fertility and Surrogacy Reimbursement up to $10,000
  • Paid Time Off and Sick Leave
  • Paid Parental & Family Caregiver Leave
  • Emergency Backup Care
  • Long‑Term, Short‑Term Disability, and Critical Illness plans
  • Life Insurance
  • 401(k)/403(b) with Employer Match
  • Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education
  • Student Debt Pay Down – $10,000
  • Reimbursement for certifications and free access to complete CEUs and professional development
  • Pet Insurance
  • Legal Resources Plan
Equal Opportunity Statement

Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its workforce. Sentara Health is a Virginia and Northeastern North Carolina based not‑for‑profit integrated healthcare provider. This is a tobacco‑free environment.
