Atlas · 4 hours ago
Third Party Risk Management Consultant
Princeton, NJ
Contract
Hybrid
Senior Level
$70/hr - $80/hr
5+ years expAtlas is seeking an Intermediate Third Party Cyber Risk Management Consultant to act as the analytical lead at the intersection of compliance, cybersecurity, and innovation. This role involves performing risk analyses on third-party vendors and driving activities around TPCRM security and audits, while ensuring the management of information security risks throughout supplier relationships.
Management Consulting
Hiring Manager
Farhaaz Mansuri
Responsibilities
Develop and update TPCRM Security standards and documentation
Continuously assess TPCRM security risks based on an inventory of vendor landscape and TPCRM security risks
Develop TPCRM security metrics and requirements
Examine and select tools and techniques to continuously monitor and report on third party security risks
Support the management of information security risks throughout the duration of a supplier relationship, corresponding communication, and metrics reporting
Support operations of third party cyber risk management program (TPCRM) in 2026
Ensure alignment with DK Act by end of 2026
Ensure all new TPCRM Suppliers assessed by end of 2026
Ensure all critical or high residual risk TPCRM Suppliers are reassessed by end of 2026
Evaluate the security assurance statements of critical suppliers
Update, align and deploy current vendor and TPCRM security requirements in alignment with Procurement, Corporate Compliance, Legal, Privacy, QA and Digital
Develop and deploy cyber risk audit as a service by end of 2026
Develop and maintain strong working relationships with leaders in the Digital, Legal and Global Procurement departments and stay ahead of new developments in security and data protection regulations
Develop and manage the framework and timeline for performing regular audits and the assessment of assurance reports
Based on the current vendor landscape, define audit priorities and activities for short (one year) and long (three years) term period
Execute audit calendar and integrate results into an integrated dashboard
Qualification
Required
5 years of experience in TPCRM (Third Party Cyber Risk Management) with a strong analytical background
Risk and control frameworks (e.g., NIST, ISO 27001, FISMA), excellent understanding of vendor management processes and related assurance frameworks (SOC 1 and 2 and type I/II audits and auditor reports)
Hands-on experience with AI/ML tools, automation platforms, or risk analytics software
Excellent interpersonal and storytelling skills: know how to speak 'risk' in business language
Experience in a Pharma / Biotech / Healthcare company regulations (GDPR, SOX, HIPAA, etc.)
Certifications such as CTPRP, CRISC, or CISSP, CISA, CISM
GRC tools (ServiceNow, Galvanize, Archer, WolfPAC etc.)
Experience working in multinational organizations and global virtual teams
Knowledge of current and emerging cyber security and privacy regulations and practices and how other enterprises are employing them
Bachelor's Degree in Computer Science, MIS, or related field of study; or any equivalent combination of relevant work experience and training
Company
Atlas
Atlas is a company which provides IT services, business solutions and consultation services.
501-1000 employees
Funding
Current Stage
Late StageLeadership Team
Vicki Guida
Chief Operating Officer
Rishi Dixit
Vice President, Strategic Solutions (Innovative Products and Partnerships)
Company data provided by crunchbase