About Company
At Delaplex, we believe true organizational distinction comes from exceptional products and services. Founded in 2008 by a team of like-minded business enthusiasts, we have grown into a trusted name in technology consulting and supply chain solutions. Our reputation is built on trust, innovation, and the dedication of our people who go the extra mile for our clients. Guided by our core values, we don't just deliver solutions, we create meaningful impact.
Position: Third-Party Cybersecurity Risk Management (TPRM) Contractor
Contract Duration: 12 months (with potential extension)
Overview
We are seeking a skilled and motivated Third-Party Cybersecurity Risk Management (TPRM) Contractor to support our growing cybersecurity and risk management program. This role will focus on performing vendor cyber risk assessments, maintaining and enhancing our OneTrust platform, and collaborating closely with key stakeholdersincluding Legal, Global Risk, Privacy, and Business Developmentto strengthen and streamline our third-party risk and AI governance processes.
Key Responsibilities
- Perform third-party cyber and AI risk assessments for vendors, with consideration of security, compliance, and AI governance risks.
- Evaluate vendor security and AI-related documentation (SOC reports, ISO certifications, AI model documentation, risk assessments).
- Maintain and optimize the OneTrust TPRM platform, including workflows, reporting, and issue resolution.
- Review of security provisions in vendor agreements
- Partner with Legal, Privacy, Risk, and Business Development to improve policies, processes, and reporting.
- Track vendor risk findings, remediation efforts, and audit documentation.
- Provide support, best practices, and guidance on TPRM practices to internal stakeholders.
- Contribute to awareness and training initiatives on third-party risk and responsible AI practices across the organization.
- Establishes and tracks key performance indicators (KPIs) to monitor and communicate the overall status of the TPRM program.
Qualifications
- 3+ years of experience in cybersecurity, vendor risk management, or related field.
- Experience conducting vendor security risk assessments.
- Familiarity with OneTrust or other TPRM/Governance Risk & Compliance platforms.
- Strong knowledge of frameworks: NIST CSF, ISO 27001, SOC 2, plus NIST AI RMF, ISO 42001, EU AI Act, and NIS2.
- Adept at managing and reprioritizing tasks to meet dynamic business demands and critical deadlines.
- Excellent written and verbal communication skills with the ability to influence across functions.
- Strong organizational skills and attention to detail.
- Knowledge of privacy and compliance regulations (e.g., GDPR, HIPAA, CCPA).
- Experience with process improvement and policy development.
- Prior consulting or contractor experience preferred.
Skills: management,risk,cybersecurity,compliance
