Fresenius Medical Care Logo

Fresenius Medical Care

Senior Manager, IT Third-Party Risk Management (TPRM)

Reposted 5 Days Ago
In-Office or Remote
Hiring Remotely in Canada
Senior level
In-Office or Remote
Hiring Remotely in Canada
Senior level
The Senior Manager of IT Third-Party Risk Management oversees the third-party risk program, enhances governance, streamlines processes, and collaborates with cross-functional teams to manage risks effectively across vendors.
The summary above was generated by AI

Hybrid - Upon agreement between you and your supervisor, you are entitled to a flexible arrangement where you will be able to split your time between working from the office and working remotely.

The Senior Manager, IT Third-Party Risk Management (TPRM) leads the day-to-day execution and ongoing maturity of the organization’s third-party risk program. This role is accountable for strengthening governance, streamlining process, automating workflows, and enabling leaders to make risk-informed decisions through effective TPRM tooling, dashboards, and reporting. The Senior Manager partners closely with stakeholders across Information Technology Solutions (ITS), Cybersecurity & Privacy Solutions (CPS), Procurement, Legal, Compliance, and business personnel, to ensure third-party risk is understood, managed, and monitored across the third-party lifecycle—from intake and due diligence through contracting, onboarding, continuous monitoring, and offboarding.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

Provide leadership of short- and long-term goals for IT Third-Party Risk Management.  Lead the effort to foster an environment of customer service, continuous improvement and consistent execution.

Program Leadership and Maturity

  • Drive the TPRM maturity roadmap, including improvements to governance, policies/standards, workflow design, tiering methodology, and lifecycle processes

  • Establish and maintain program operating cadence (e.g., monthly risk reviews, KPI/KRI reporting, issue remediation tracking, and executive readouts)

  • Identify gaps and implement enhancements to ensure program scalability, consistency, auditability, and alignment with regulatory/industry practices

  • Develop and maintain standard operating procedures, job aids, and training materials to ensure consistent execution

Stakeholder and Management Interaction

  • Serve as a trusted advisor to business owners, translating third-party risk into clear decision options

  • Facilitate risk discussions, challenge risk assumptions appropriately, and ensure documented risk decisions, and approvals align to governance and are documented

  • Partner with procurement to embed risk requirements into intake, sourcing, and ongoing vendor management

  • Collaborate with Legal, CPS, and Compliance to ensure contract provisions, control expectations, and due diligence are aligned and enforceable

TPRM Tooling, Automation and Decision Enablement

  • Own management and optimization of the organization’s TPRM technology platform

  • Design, configure, and enhance process workflows

  • Develop dashboards and reporting for leaders: portfolio risk views, assessment status, SLA adherence, open issues, concentration risk, critical vendor oversight, and periodic vendor reassessment

  • Improve data quality and establish a single source of truth for third-party risk inventory, risk ratings, and decision history

  • Define and track KPIs/KRIs (cycle time, backlog, critical findings aging, remediation performance, override rates, risk acceptance trends)

Third-Party Risk Assessments and Lifecycle Management

  • Oversee third-party risk assessments, including inherent risk tiering

  • Ensure assessment scope are appropriate for vendor criticality, data sensitivity, and service impact

  • Drive effective issue management and remediation tracking, including escalation paths for overdue or high-risk items

  • Maintain processes for periodic reassessments and continuous monitoring of high-risk/critical vendors

People Leadership

  • Lead, coach, and develop a team of TPRM professionals

  • Set performance expectations, ensure workload prioritization, and build a culture of continuous improvement and strong business partnership.

EDUCATION:

Required Qualifications

  • Bachelor’s degree or equivalent practical experience

  • 8+ years of experience in third-party risk management, technology risk, operational risk, compliance, or related disciplines

  • 3+ years of experience leading programs and/or teams, influencing cross-functional stakeholders, and driving process maturity

  • Proven experience implementing or optimizing TPRM programs and establishing a culture of continuous improvement

  • Proven experience implementing or optimizing TPRM/GRC tools to improve workflow automation, data quality, and reporting

  • Strong ability to translate risk into decision-ready recommendations for leaders and to facilitate risk acceptance discussions

  • Demonstrated knowledge of third-party lifecycle practices: due diligence, control validation, contracting requirements, monitoring, and remediation

Preferred Qualifications

  • Experience in regulated industries (financial services, healthcare, insurance, or similar)

  • Familiarity with relevant frameworks and expectations (e.g., NIST, ISO 27001, SOC reports, shared responsibility models, vendor oversight guidance)

  • Certifications such as CISA, CRISC, CISSP, CISM, or equivalent

  • Experience integrating continuous monitoring signals (security ratings, threat intelligence, incident notifications) into a TPRM operating model

Similar Jobs

An Hour Ago
Remote or Hybrid
Mid level
Mid level
Artificial Intelligence • Professional Services • Business Intelligence • Consulting • Cybersecurity • Generative AI
Lead development and execution of internal communications and change management strategies to align employees with organizational goals. Manage channels, create content (copywriting, speech writing), use data to improve communications, build stakeholder relationships, embrace technology, oversee project planning/budgeting, and mentor team members while resolving conflicts and driving adoption of communication initiatives.
3 Hours Ago
Easy Apply
Remote
Canada
Easy Apply
Expert/Leader
Expert/Leader
Big Data • Fintech • Mobile • Payments • Financial Services
Partner with senior engineering leaders to drive large-scale organizational change, leadership development, and talent strategy. Lead talent management, succession planning, workforce planning, and people analytics to improve organizational effectiveness, employee engagement, and leadership capability. Serve as a trusted advisor, coach executives, and collaborate with People COEs to scale culture and drive high performance.
3 Hours Ago
Easy Apply
Remote
Canada
Easy Apply
Senior level
Senior level
Big Data • Fintech • Mobile • Payments • Financial Services
Lead and grow a team of 2-3 PMs owning agent tooling and workflows. Define vision and roadmap for agent experience, drive AI-first automation, partner with Operations and cross-functional teams, deliver scalable systems, and measure impact through analytics and experimentation.
Top Skills: Agent ToolingAIAnalyticsAutomationChat SystemsExperimentationPhone SystemsWorkflow Systems

What you need to know about the Montreal Tech Scene

With roots dating back to 1642, Montreal is often recognized for its French-inspired architecture and cobblestone streets lined with traditional shops and cafés. But what truly sets the city apart is how it blends its rich tradition with a modern edge, reflected in its evolving skyline and fast-growing tech industry. According to economic promotion agency Montréal International, the city ranks among the top in North America to invest in artificial intelligence, making it le spot idéal for job seekers who want the best of both worlds.

Key Facts About Montreal Tech

  • Number of Tech Workers: 255,000+ (2024, Tourisme Montréal)
  • Major Tech Employers: SAP, Google, Microsoft, Cisco
  • Key Industries: Artificial intelligence, machine learning, cybersecurity, cloud computing, web development
  • Funding Landscape: $1.47 billion in venture capital funding in 2024 (BetaKit)
  • Notable Investors: CIBC Innovation Banking, BDC Capital, Investissement Québec, Fonds de solidarité FTQ
  • Research Centers and Universities: McGill University, Université de Montréal, Concordia University, Mila Quebec, ÉTS Montréal

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account