Manager, Third Party Cyber Risk

Labcorp has an exciting opportunity for an experienced third-party risk professional to join our Cyber GRC team, within the Office of Information Security. This individual will be responsible for managing the operational and strategic aspects of the third-party cyber risk program, under the direction of the Sr. Manager of Cyber Risk. The role will manage a diverse team of employees and contractors who execute the day-to-day activities of assessing risk associated with Labcorp's third party vendor and supplier relationships, as well as managing all associated processes, tools, and technology. This individual will be accountable for ensuring timely and accurate completion of third-party cyber risk assessments, peer reviews of third-party cyber risk reports, developing and implementing metrics and management reporting, escalating issues, and ensuring the needs of business partners are met. This individual may also need to be hands on in supporting assessment of Labcorp's third parties, identification of control gaps, remediation of issues, and influencing business decisions regarding third party risk.

This position supports a global business dedicated to improving health and improving lives; as such, the individual will be expected to operate with a high level of integrity, be professional, and always work in the best interest of the company, its customers, and its stakeholders. Labcorp is looking for a collaborative self-starter to integrate into the business workflow providing guidance, oversight, and actionable risk analysis to enable the business to achieve their objectives in a secure manner, while maintaining compliance and ensuring patient safety.

RESPONSIBILITIES

• Identifying opportunities for improving operational effectiveness
• Driving program and tool enhancements
• Supporting communication and training related to the program and systems
• Reporting on performance and risk metrics
• Partnering with internal and external auditors, where required
• Conducting regular program self-assessments
• Partner with legal, compliance, IT, and business to proactively identify and mitigate risk
• Support of potential third party cyber / data related events, as necessary

REQUIREMENTS

• 3-5 years of experience in third party risk management in a global, highly regulated environment.
• Have experience with industry frameworks and regulations (e.g. NIST, PCI, HIPAA)
• Hold a current Risk, IT Security, Technology, or Project Management certification
• Keep abreast of cyber, information security, technology, and associated trends and risks, as well as an understanding of existing and upcoming regulations
• Be experienced in leading people
• Be able to present risks and recommendations in business oriented terms
• Possess strong written and verbal communication skills, and the ability to adjust communication style for the audience
• Build and maintain effective relationships across the organization
• Effectively manage competing priorities
• Be passionate about their work and supporting customers

EDUCATION

• Bachelor's degree, or equivalent work experience, in the field of information technology, risk management, or cyber/information security

Pay Range: $77,002 - $125,500 annual salary

Benefits: All job offers will be based on a candidate's skills and prior relevant experience, applicable degrees/certifications, as well as internal equity and market data. Regular, full-time or part-time employees working 20 or more hours per week are eligible for comprehensive benefits including: Medical, Dental, Vision, Life, STD/LTD, 401(K), ESPP, Paid time off (PTO) or Flexible time off (FTO), Commissions, and Company bonus where applicable. For more detailed information, please click here.

Labcorp is proud to be an Equal Opportunity Employer:

As an EOE/AA employer, Labcorp strives for diversity and inclusion in the workforce and does not tolerate harassment or discrimination of any kind. We make employment decisions based on the needs of our business and the qualifications of the individual and do not discriminate based upon race, religion, color, national origin, gender (including pregnancy or other medical conditions/needs), family or parental status, marital, civil union or domestic partnership status, sexual orientation, gender identity, gender expression, personal appearance, age, veteran status, disability, genetic information, or any other legally protected characteristic. We encourage all to apply.

For more information about how we collect and store your personal data, please see our Privacy Statement.