The Team
We are looking to hire an experienced manager for our Third Party Risk Program on our Security Governance, Risk, and Compliance team. This role will be responsible for managing a team of third party risk specialists, overseeing vendor & data center security reviews, and maturing our third party risk program & tooling.
What you'll do
- Own and manage our third party risk management program controls including vendor risk assessments, security contract terms, and continuous monitoring.
- Determine strategy for assessing and tiering Cloudflare vendors based on security impact.
- Lead Cloudflare's vendor risk assessment process by setting security policies and standards for various types of vendor engagements.
- Ensure that vendors are assessed in accordance with Cloudflare's security policies and standards.
- Support negotiation of security contract terms with vendors by maintaining guidance for Contracts/Legal teams and addressing contract escalations.
- Manage risk findings and policy exceptions identified through the vendor assessments by assessing risk, compensating controls, and determining acceptable risk thresholds.
- Partner with Sourcing, Contracts, Legal, Privacy, and Security teams to support Cloudflare's vendor lifecycle including onboarding, implementation, monitoring, and offboarding.
- Support the design and implementation of a new Procurement tool.
- Manage, engage, and grow a distributed team of Third Party Risk Management Specialists.
- Travel as needed to engage teammates, stakeholders, and vendors in San Francisco, Austin, or other global Cloudflare locations.
Examples of desirable skills, knowledge and experience
- Experience typically gained in 5-8 years working in Security GRC
- Experience managing a third party risk program
- Experience managing a team of GRC specialists
- Solid understanding of security contract terms
- Strong leader and business partner
- Strong organizational, analytical, and interpersonal skills
What We Do
Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.
Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.
Why Work With Us
Cloudflare employees come from all walks of life. We are mission-driven, and our team is energized by a collaborative, creative environment that celebrates our differences and fosters new ways to grow together.
Gallery
Cloudflare Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
We are committed to developing a global team that is distributed with a flexible working approach. Doing this equitably and inclusively is essential to our success. Visit our careers site for more on 'How & Where We Work.'
