JOB MISSION: 

Lead the day to day of the Cohesity Vendor Trust process in assessing new suppliers, assessing engagement risk, performing due diligence and maintaining accurate auditable records of all engagements and related risks. 

KEY RESPONSIBILITIES/OBJECTIVES

• Lead vendor trust management lifecycle.
• Ongoing new vendor due diligence and refresh of vendor reviews/due diligence of existing vendor inventory.
• Collaborate and build cross functional partnerships with Procurement, Information Security, Legal, vendors and business functions.
• Support the Cohesity security and risk programs and remain in compliance with applicable regulations.
• Lead all daily operations related to vendor risk management.
• Maintain and evolve vendor trust policies, processes, procedures and controls.
• Manage and improve metrics and reporting for vendor risk management.
• Support evaluation, selection, implementation, and operationalization of all vendor solutions in support of Cohesity business.
• Stay informed about the latest developments in the vendor risk management field.
• Support contract negotiations with Cohesity vendors.
• Performs additional duties as the need arises.
• Become an expert on the tools used by Cohesity on vendor trust and risk management. 

Experience

Related experience in one or more of the following areas:

1. Risk management, Compliance and/or auditing

2. Vendor Security Risk Management

3. Corporate law/contracting

4. Enterprise governance

5. Information Security

6. Software development (Networking, coding, hardening, quality control etc.).

Education

Relevant degree in Business Administration, Public Policy, Contract Management, Sourcing, Information Technology, Information Security, Data protection, Legal Studies, Risk Management, Regulatory Compliance, Audit, Computing or a related field required.

Skills

• Strong curiosity about information security.
• Strong curiosity about gaining familiarity with common information security management frameworks, such as ISO, SOC and NIST.
• Phenomenal interpersonal skills, in person, on video conference, calls, presentations and text.
• Organized and task oriented, must remain on top of tracking of due and coming due deadlines.
• Detail oriented, risk related work must be recorded in a clear and auditable manner, tools and processes must be up to date with accurate information.
• Must be able to work independently and be comfortable reaching out for support.
• Team and company success mindset. 

Role Attraction

This is a superb opportunity for broad exposure across multiple disciplines, an opportunity to work with and learn from an experienced multidisciplinary team and to gain a great understanding of outsourcing across a large tech company passionate about operational excellence. 

Vendor Trust/Third party risk management  is a relatively new sector that has become more important as outsourcing continues to expand the attack surface of organizations and companies are frequently impacted by high profile vulnerabilities in their supply chain. Cohesity demands excellence in this space to ensure we can leverage third parties for efficiency in a risk adverse manner that enables our business and protects our customers, the successful candidate in this role will get wonderful experience and exposure in this discipline.