2,062 Third Parties jobs in the United States

**Details**
+ **Department:** Security
+ **Schedule:** Full Time Monday - Friday 8-5pm CT
+ **Location:** Remote
**Benefits**
Paid time off (PTO)
Various health insurance options & wellness plans
Retirement benefits including employer match plans
Long-term & short-term disability
Employee assistance programs (EAP)
Parental leave & adoption assistance
Tuition reimbursement
Ways to give back to your community
_Benefit options and eligibility vary by position. Compensation varies based on factors including, but not limited to, experience, skills, education, performance and salary range at the time of the offer._
**Responsibilities**
The **Director of Identity Security - Third Parties** is a strategic leadership role responsible for governing and securing identity and access for third-party entities, including major service providers and buyers involved in mergers, acquisitions, and divestitures. This leader will design, implement, and oversee the identity governance framework for external organizations interacting with the healthcare system, ensuring secure, compliant, and seamless access management across the enterprise ecosystem.
The ideal candidate brings extensive experience in Identity Governance and Administration (IGA) tools, strong understanding of IAM processes, and a deep appreciation for the complexity of third-party risk management in the healthcare sector.
**Key Responsibilities**
**Strategic Leadership**
+ Define and execute the third-party identity security strategy aligned with organizational goals and healthcare regulatory requirements.
+ Provide IAM leadership during M&A transactions, ensuring secure onboarding/offboarding and ongoing access management for buyers and divested entities.
+ Serve as the enterprise authority on third-party identity governance and lifecycle management.
**Identity Governance and Administration**
+ Lead the deployment and optimization of IGA platforms (e.g., SailPoint, Saviynt, or equivalent) Identity Proofing (e.g: Clear) solutions for third-party user lifecycle management, access certifications, policy enforcement, and reporting.
+ Establish identity policies and procedures for provisioning, deprovisioning, and recertification of third-party users.
**Third-Party Access Management**
+ Oversee the access management program for external vendors, service providers, and joint venture partners, ensuring least privilege access, role-based access control (RBAC), and adherence to segregation of duties (SoD) principles.
+ Collaborate with Legal, Compliance, Procurement, and IT Security to define identity requirements in third-party contracts and business associate agreements (BAAs).
**Risk and Compliance**
+ Monitor and manage identity-related risks introduced by third-party relationships, ensuring adherence to HIPAA, HITECH, and other regulatory standards.
+ Lead periodic audits and third-party access reviews, remediating non-compliant access in collaboration with business owners.
**Cross-Functional Collaboration**
+ Work closely with M&A integration/divestiture teams, Infrastructure, Application Owners, Legal, and Security Operations to support seamless transitions of identity services.
+ Act as the liaison between IAM and business units regarding third-party access requests, escalations, and exception management.
**Qualifications**
**Education & Experience:**
+ Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field (Master's preferred).
+ 10+ years of progressive experience in Identity & Access Management, with at least 5 years in a leadership role.
+ 3+ years managing identity services for third parties, particularly in complex, federated environments.
+ Deep experience with IGA platforms such as SailPoint, Saviynt, or One Identity.
**Preferred Industry Experience:**
+ Healthcare provider environment with knowledge of EHR systems (e.g., Epic, Cerner), clinical workflows, and patient privacy standards.
+ Involvement in M&A activities with exposure to system separation, access divestiture, and third-party identity transition planning.
**Skills and Competencies:**
+ Strong leadership and program management skills
+ Expert knowledge of IAM processes (Joiner/Mover/Leaver, RBAC, SSO, MFA, PAM)
+ Excellent communication and stakeholder management abilities
+ Analytical mindset with a focus on governance, compliance, and risk mitigation
+ Strong vendor management and contract negotiation skills related to identity services
**Requirements**
Licensure / Certification / Registration:
+ Law Enforcement.Licensure specific to state in which work is performed is preferred.
Education:
+ Bachelor's degree required.
+ Master's degree preferred.
Work Experience:
- 7 years of experience required.
- 10 years of experience preferred.
- 5 years of leadership or management experience preferred.
**Additional Preferences**
**Certifications (Preferred but not required):**
+ CISSP, CISM, or similar
+ Identity-specific certifications (e.g., SailPoint Certified IdentityNow Professional)
#LI-Remote
**Why Join Our Team**
When you join Ascension, you join a team of over 134,000 individuals across the country committed to a Mission of serving others and providing compassionate, personalized care to all. Our inclusive culture, continuing education programs, career coaches and benefit offerings are just a few of the resources and tools that team members can use to create a rewarding career path. In fact, Ascension spent nearly $46 million in tuition assistance alone to support associate growth and development. If you are looking for a career where you can grow and make a difference in your community, we invite you to join our team today.
**Equal Employment Opportunity Employer**
Ascension provides Equal Employment Opportunities (EEO) to all associates and applicants for employment without regard to race, color, religion, sex/gender, sexual orientation, gender identity or expression, pregnancy, childbirth, and related medical conditions, lactation, breastfeeding, national origin, citizenship, age, disability, genetic information, veteran status, marital status, all as defined by applicable law, and any other legally protected status or characteristic in accordance with applicable federal, state and local laws.
For further information, view the EEO Know Your Rights (English) ( poster or EEO Know Your Rights (Spanish) ( poster.
As a military friendly organization, Ascension promotes career flexibility and offers many benefits to help support the well-being of our military families, spouses, veterans and reservists. Our associates are empowered to apply their military experience and unique perspective to their civilian career with Ascension.
Pay Non-Discrimination Notice ( note that Ascension will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Ascension will not solicit money or banking information from applicants.
**E-Verify Statement**
This employer participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.
E-Verify (

Introduction

Established in 1912, Bank of China is one of the largest banks in the world, with over $3 trillion in assets and a footprint that spans more than 60 countries and regions. Our long-term outlook, institutional weight and global breadth provide our clients with a stable and reliable financial partner, whether in Corporate or Personal Banking or our Trade Services, Commodities, Financial Institutions and Global Markets lines of business.

Overview

The new intern will provide support the team function including the newly received 5 IAD issues, OCC recommendations, and perform the business-as-usual activities, or conduct ad-hoc activities / requirements.

Responsibilities

Responsibilities include but not limited to supporting the third party risk management of ORD in following aspects:
•Develop monthly ORC/RMICC reporting metrics meetings;
•Assist with OCC and IAD ad-hoc request;
•TPRM related activities.

Qualifications

•Strong verbal and written skills in English, Chinese capacity will be advantage;
•Strong analytical skills;
•Computer (Microsoft office including PowerPoint);
•Knowledge of operational or enterprise risk management concepts, framework, methods, and good governance practices;
•Financial knowledge of business policies, products, processes, systems, and roles.

Pay Range

Actual salary is commensurate with candidate's relevant years of experience, skillset, education and other qualifications.

USD $8.00 - USD 18.00 /Hr.

*THIRD PARTY RISK MANAGEMENT LEAD*
WHAT IS THE OPPORTUNITY?
Third Party Risk Management (TPRM) Lead is responsible for providing Enterprise wide third party risk management services, including taking a lead role to define, implement, and maintain a risk framework, operating model, policies, procedures, governance and oversight programs for all lines of business and subsidiaries. CNB established the TPRM program as a second line function, enabling CNB to manage third party risk effectively and efficiently, relative to its size and complexity. The lead is responsible for ensuring the program meets regulatory guidance, aligns with CNB's parent company, and incorporate changes as necessary.
WHAT WILL YOU DO?
* In partnership with the TPRM Program Manager, develop a successful implementation plan consisting of: Assist with the development and execution of an TPRM risk framework, policies and procedures. Direct assessments on key controls and overall compliance with the TPRM program, including the timeliness, completeness, and accuracy of risk assessments. Provide risk-consulting serves to first line third party risk managers for complex arrangements. Develop risk analysis and reporting, including risk metrics, for dissemination to both first line of defense (technology) leadership, risk management committees, CNB's parent holding company, and CNB's regulators. Streamline processes for risk identification and assessment, control assessment, testing and issue management.
* Lead continuous improvement activities and initiatives for TPRM, working with stakeholders, subject matter experts, and analysis of exception reports to define issues, determine root cause, and determine appropriate changes.
* Identify and assess requirements for CNB's GRC system to increase automation, and process effectiveness and efficiency.
* Responsible for reviewing SSAE 18 reports for CNB's third parties and evaluate for completeness, appropriateness, and assess impact to CNB on findings and exceptions to support CNB's Sarbanes Oxley, FDICA, and SOC programs.
* Manage coordination of assignment of resources based on demand and capacity, and required subject matter expertise, including augmenting internal staff with external resources as necessary.
* Ensure appropriate escalate of issues to first line and senior management as required.
WHAT DO YOU NEED TO SUCCEED?
*Required Qualifications**
* Minimum of 7 years of third party risk management, assurance and / or oversight or relevant supplier or third party audit or compliance experience
* Minimum of 4 years of experience in risk and controls for information technology and cybersecurity, appropriately scoping assessments, providing credible challenges, and performing assurance testing.
* Minimum of 4 years working with a GRC system, incorporating continuous improvement for the system and process.
*Additional Qualifications*
* Comprehensive knowledge of third party and information technology risk management processes and methodologies
* Experience using third party risk management /Governance, Risk and Compliance (GRC) systems
* Experience assessing contracts, including master service agreements, statements of work, and license agreements.
* Experience assessing cloud servicing arrangements
* Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management / third party risk management related regulatory requirements, guidance and oversight (OCC 2013-29, Fed SR 13-19 or other relevant third party risk management / vendor management regulation applicable to the financial services industry)
* Currently hold or quickly obtain industry recognized third party risk management or vendor management certification
* Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
* Advanced knowledge of Microsoft Office tools; specifically, Excel, PowerPoint and SharePoint
* Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
*WHAT'S IN IT FOR YOU?*
*Compensation*Starting base salary: $111,408 - $189,738 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
*Benefits and Perks*
At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:
* Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
* Generous 401(k) company matching contribution
* Career Development through Tuition Reimbursement and other internal upskilling and training resources
* Valued Time Away benefits including vacation, sick and volunteer time
* Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
* Career Mobility support from a dedicated recruitment team
* Colleague Resource Groups to support networking and community engagement
Get a more detailed look at our US
Since day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at AND EQUAL OPPORTUNITY EMPLOYMENT*
City National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled.

*THIRD PARTY RISK MANAGEMENT LEAD*
WHAT IS THE OPPORTUNITY?
Third Party Risk Management (TPRM) Lead is responsible for providing Enterprise wide third party risk management services, including taking a lead role to define, implement, and maintain a risk framework, operating model, policies, procedures, governance and oversight programs for all lines of business and subsidiaries. CNB established the TPRM program as a second line function, enabling CNB to manage third party risk effectively and efficiently, relative to its size and complexity. The lead is responsible for ensuring the program meets regulatory guidance, aligns with CNB's parent company, and incorporate changes as necessary.
WHAT WILL YOU DO?
* In partnership with the TPRM Program Manager, develop a successful implementation plan consisting of: Assist with the development and execution of an TPRM risk framework, policies and procedures. Direct assessments on key controls and overall compliance with the TPRM program, including the timeliness, completeness, and accuracy of risk assessments. Provide risk-consulting serves to first line third party risk managers for complex arrangements. Develop risk analysis and reporting, including risk metrics, for dissemination to both first line of defense (technology) leadership, risk management committees, CNB's parent holding company, and CNB's regulators. Streamline processes for risk identification and assessment, control assessment, testing and issue management.
* Lead continuous improvement activities and initiatives for TPRM, working with stakeholders, subject matter experts, and analysis of exception reports to define issues, determine root cause, and determine appropriate changes.
* Identify and assess requirements for CNB's GRC system to increase automation, and process effectiveness and efficiency.
* Responsible for reviewing SSAE 18 reports for CNB's third parties and evaluate for completeness, appropriateness, and assess impact to CNB on findings and exceptions to support CNB's Sarbanes Oxley, FDICA, and SOC programs.
* Manage coordination of assignment of resources based on demand and capacity, and required subject matter expertise, including augmenting internal staff with external resources as necessary.
* Ensure appropriate escalate of issues to first line and senior management as required.
WHAT DO YOU NEED TO SUCCEED?
*Required Qualifications**
* Minimum of 7 years of third party risk management, assurance and / or oversight or relevant supplier or third party audit or compliance experience
* Minimum of 4 years of experience in risk and controls for information technology and cybersecurity, appropriately scoping assessments, providing credible challenges, and performing assurance testing.
* Minimum of 4 years working with a GRC system, incorporating continuous improvement for the system and process.
*Additional Qualifications*
* Comprehensive knowledge of third party and information technology risk management processes and methodologies
* Experience using third party risk management /Governance, Risk and Compliance (GRC) systems
* Experience assessing contracts, including master service agreements, statements of work, and license agreements.
* Experience assessing cloud servicing arrangements
* Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management / third party risk management related regulatory requirements, guidance and oversight (OCC 2013-29, Fed SR 13-19 or other relevant third party risk management / vendor management regulation applicable to the financial services industry)
* Currently hold or quickly obtain industry recognized third party risk management or vendor management certification
* Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
* Advanced knowledge of Microsoft Office tools; specifically, Excel, PowerPoint and SharePoint
* Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
*WHAT'S IN IT FOR YOU?*
*Compensation*Starting base salary: $111,408 - $189,738 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
*Benefits and Perks*
At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:
* Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
* Generous 401(k) company matching contribution
* Career Development through Tuition Reimbursement and other internal upskilling and training resources
* Valued Time Away benefits including vacation, sick and volunteer time
* Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
* Career Mobility support from a dedicated recruitment team
* Colleague Resource Groups to support networking and community engagement
Get a more detailed look at our US
Since day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at AND EQUAL OPPORTUNITY EMPLOYMENT*
City National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled.

*THIRD PARTY RISK MANAGEMENT LEAD*
WHAT IS THE OPPORTUNITY?
Third Party Risk Management (TPRM) Lead is responsible for providing Enterprise wide third party risk management services, including taking a lead role to define, implement, and maintain a risk framework, operating model, policies, procedures, governance and oversight programs for all lines of business and subsidiaries. CNB established the TPRM program as a second line function, enabling CNB to manage third party risk effectively and efficiently, relative to its size and complexity. The lead is responsible for ensuring the program meets regulatory guidance, aligns with CNB's parent company, and incorporate changes as necessary.
WHAT WILL YOU DO?
* In partnership with the TPRM Program Manager, develop a successful implementation plan consisting of: Assist with the development and execution of an TPRM risk framework, policies and procedures. Direct assessments on key controls and overall compliance with the TPRM program, including the timeliness, completeness, and accuracy of risk assessments. Provide risk-consulting serves to first line third party risk managers for complex arrangements. Develop risk analysis and reporting, including risk metrics, for dissemination to both first line of defense (technology) leadership, risk management committees, CNB's parent holding company, and CNB's regulators. Streamline processes for risk identification and assessment, control assessment, testing and issue management.
* Lead continuous improvement activities and initiatives for TPRM, working with stakeholders, subject matter experts, and analysis of exception reports to define issues, determine root cause, and determine appropriate changes.
* Identify and assess requirements for CNB's GRC system to increase automation, and process effectiveness and efficiency.
* Responsible for reviewing SSAE 18 reports for CNB's third parties and evaluate for completeness, appropriateness, and assess impact to CNB on findings and exceptions to support CNB's Sarbanes Oxley, FDICA, and SOC programs.
* Manage coordination of assignment of resources based on demand and capacity, and required subject matter expertise, including augmenting internal staff with external resources as necessary.
* Ensure appropriate escalate of issues to first line and senior management as required.
WHAT DO YOU NEED TO SUCCEED?
*Required Qualifications**
* Minimum of 7 years of third party risk management, assurance and / or oversight or relevant supplier or third party audit or compliance experience
* Minimum of 4 years of experience in risk and controls for information technology and cybersecurity, appropriately scoping assessments, providing credible challenges, and performing assurance testing.
* Minimum of 4 years working with a GRC system, incorporating continuous improvement for the system and process.
*Additional Qualifications*
* Comprehensive knowledge of third party and information technology risk management processes and methodologies
* Experience using third party risk management /Governance, Risk and Compliance (GRC) systems
* Experience assessing contracts, including master service agreements, statements of work, and license agreements.
* Experience assessing cloud servicing arrangements
* Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management / third party risk management related regulatory requirements, guidance and oversight (OCC 2013-29, Fed SR 13-19 or other relevant third party risk management / vendor management regulation applicable to the financial services industry)
* Currently hold or quickly obtain industry recognized third party risk management or vendor management certification
* Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
* Advanced knowledge of Microsoft Office tools; specifically, Excel, PowerPoint and SharePoint
* Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
*WHAT'S IN IT FOR YOU?*
*Compensation*Starting base salary: $111,408 - $189,738 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
*Benefits and Perks*
At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:
* Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
* Generous 401(k) company matching contribution
* Career Development through Tuition Reimbursement and other internal upskilling and training resources
* Valued Time Away benefits including vacation, sick and volunteer time
* Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
* Career Mobility support from a dedicated recruitment team
* Colleague Resource Groups to support networking and community engagement
Get a more detailed look at our US
Since day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at AND EQUAL OPPORTUNITY EMPLOYMENT*
City National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled.

*THIRD PARTY RISK MANAGEMENT LEAD*
WHAT IS THE OPPORTUNITY?
Third Party Risk Management (TPRM) Lead is responsible for providing Enterprise wide third party risk management services, including taking a lead role to define, implement, and maintain a risk framework, operating model, policies, procedures, governance and oversight programs for all lines of business and subsidiaries. CNB established the TPRM program as a second line function, enabling CNB to manage third party risk effectively and efficiently, relative to its size and complexity. The lead is responsible for ensuring the program meets regulatory guidance, aligns with CNB's parent company, and incorporate changes as necessary.
WHAT WILL YOU DO?
* In partnership with the TPRM Program Manager, develop a successful implementation plan consisting of: Assist with the development and execution of an TPRM risk framework, policies and procedures. Direct assessments on key controls and overall compliance with the TPRM program, including the timeliness, completeness, and accuracy of risk assessments. Provide risk-consulting serves to first line third party risk managers for complex arrangements. Develop risk analysis and reporting, including risk metrics, for dissemination to both first line of defense (technology) leadership, risk management committees, CNB's parent holding company, and CNB's regulators. Streamline processes for risk identification and assessment, control assessment, testing and issue management.
* Lead continuous improvement activities and initiatives for TPRM, working with stakeholders, subject matter experts, and analysis of exception reports to define issues, determine root cause, and determine appropriate changes.
* Identify and assess requirements for CNB's GRC system to increase automation, and process effectiveness and efficiency.
* Responsible for reviewing SSAE 18 reports for CNB's third parties and evaluate for completeness, appropriateness, and assess impact to CNB on findings and exceptions to support CNB's Sarbanes Oxley, FDICA, and SOC programs.
* Manage coordination of assignment of resources based on demand and capacity, and required subject matter expertise, including augmenting internal staff with external resources as necessary.
* Ensure appropriate escalate of issues to first line and senior management as required.
WHAT DO YOU NEED TO SUCCEED?
*Required Qualifications**
* Minimum of 7 years of third party risk management, assurance and / or oversight or relevant supplier or third party audit or compliance experience
* Minimum of 4 years of experience in risk and controls for information technology and cybersecurity, appropriately scoping assessments, providing credible challenges, and performing assurance testing.
* Minimum of 4 years working with a GRC system, incorporating continuous improvement for the system and process.
*Additional Qualifications*
* Comprehensive knowledge of third party and information technology risk management processes and methodologies
* Experience using third party risk management /Governance, Risk and Compliance (GRC) systems
* Experience assessing contracts, including master service agreements, statements of work, and license agreements.
* Experience assessing cloud servicing arrangements
* Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management / third party risk management related regulatory requirements, guidance and oversight (OCC 2013-29, Fed SR 13-19 or other relevant third party risk management / vendor management regulation applicable to the financial services industry)
* Currently hold or quickly obtain industry recognized third party risk management or vendor management certification
* Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
* Advanced knowledge of Microsoft Office tools; specifically, Excel, PowerPoint and SharePoint
* Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
*WHAT'S IN IT FOR YOU?*
*Compensation*Starting base salary: $111,408 - $189,738 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
*Benefits and Perks*
At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:
* Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
* Generous 401(k) company matching contribution
* Career Development through Tuition Reimbursement and other internal upskilling and training resources
* Valued Time Away benefits including vacation, sick and volunteer time
* Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
* Career Mobility support from a dedicated recruitment team
* Colleague Resource Groups to support networking and community engagement
Get a more detailed look at our US
Since day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at AND EQUAL OPPORTUNITY EMPLOYMENT*
City National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled.

The Principal, Third Party Risk Management is responsible for executing risk assessments with the goal of effectively identifying, analyzing, and evaluating cybersecurity risks to Carnival Corporation plc. These assessments will primarily be for third party, where expertise in technology and understanding what gaps in processes or technology mean in terms of real-world risk.
Primary activities include, but are not limited to, gathering information (such as security gaps, mitigating controls, design, financials, security program artifacts) to execute risk assessments on the third party being assessed. The successful candidate will utilize their security and technical expertise to define cybersecurity risks, rate those risks, communicate those risks, defend their analysis, and work with the business to drive down risk to acceptable levels. Additionally, the selected candidate will manage and facilitate the assessment process. Additionally, for third party risk assessments, they will ensure contractual requirements are incorporated into legal agreements.
The selected individual will provide support internally to the Global Cybersecurity Services (GCS) team, which is responsible for the Risk Management function, including the Third Party Security Risk Management program. They will manage service level agreements for assessment reviews, troubleshoot and enhance functionality within the tool used to conduct assessments (OneTrust), and act as the primary escalation liaison between the TRSPM team and the business owners of the third party relationships.
Strong process management and communication skills are required for this role. A sound knowledge of the industry and TPRM experience will be applied to assist leadership with ongoing strategic efforts, such as: integration with surrounding global functions and systems, global program facilitation and reporting capabilities, management of professional services and associated KPIs, and implementation of additional program automation and identified development opportunities.
**Essential Functions:**
+ **Third-Party Risk Management**
+ Assess the risk of third-party business partners based on their procedures and controls.
+ Facilitate third-party risk management due-diligence processes across business units.
+ Execute risk assessments for third parties working with Carnival.
+ Drive appropriate stakeholder participation in the assessment, evaluation, and response to risk.
+ Manage vendor relationships, fielding inquiries, and overseeing/assisting in the vendor assessment process."
+ **Risk Management**
+ Serve as a risk subject-matter-expert.
+ Identify, analyze, evaluate, and work with the business to manage risks.
+ Execute risk assessments for exceptions and new projects.
+ **Training and Development**
+ Conduct training as required throughout company business units to enhance understanding and awareness of risk.
+ **Reporting and Support**
+ Provide weekly leadership status updates.
+ Continue development of the OneTrust dashboard and reporting capabilities to highlight key program KPIs and KRIs.
+ Support program lead with all additional ongoing strategic projects to enhance program maturity.
**Qualifications:**
+ Bachelor's degree in a relevant field of study or commensurate professional experience
+ The candidate will have a minimum of 8 years of relevant Risk Management experience or similar IT function.
+ CTPRP, CISSP, CISM, CRISC
**Knowledge, Skills, and Abilities:**
+ Excellent oral and written communication, presentation and collaboration skills.
+ Strong organization skills with the ability to deal with multiple tasks and projects simultaneously.
+ Familiarity with NIST CSF, 800-30, 800-53, 800-171, 800-161
+ Experience working with legal to conduct contract language reviews.
+ Experience with GRC tools used to conduct TPRM due diligence assessments, preferably OneTrust.
+ Experience with VISO Trust.
+ Experience with Black Kite.
Physical Demands: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.
Travel: Less than 25% with shipboard travel likely
Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.
This position is classified as "in-office." As an in-office role, it requires employees to work from a designated Carnival office in South Florida Tuesday through Thursday each week. Employees may work from their homes on Mondays and Fridays. Candidates must be located in (or willing to relocate to) the Miami/Ft. Lauderdale area.
Offers to selected candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience.
At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnival's discretionary equity incentive plan. Plus, Carnival provides comprehensive and innovative benefits to meet your needs, including:
+ Health Benefits:
+ Cost-effective medical, dental and vision plans
+ Employee Assistance Program and other mental health resources
+ Additional programs include company paid term life insurance and disability coverage
+ Financial Benefits:
+ 401(k) plan that includes a company match
+ Employee Stock Purchase plan
+ Paid Time Off
+ Holidays - All full-time and part-time with benefits employees receive days off for 8 company-wide holidays, plus 2 additional floating holidays to be taken at the employee's discretion.
+ Vacation Time - All full-time employees at the manager and below level start with 14 days/year; director and above level start with 19 days/year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 84 hours/year. All employees gain additional vacation time with further tenure.
+ Sick Time - All full-time employees receive 80 hours of sick time each year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 60 hours each year.
+ Other Benefits
+ Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends
+ Personal and professional learning and development resources including tuition reimbursement
+ On-site Fitness center at our Miami campus
#LI-TM1
#LI-Hybrid
#Corp
About Us
Carnival Corporation & plc is the world's largest leisure travel company, our mission to deliver unforgettable happiness to our guest through our diverse portfolio of leading cruise brands and island destinations, including Carnival Cruise Line, Holland America Line, Princess Cruises, and Seabourn in North America and Australia; P&O Cruises and Cunard Line in the United Kingdom; AIDA in Germany; Costa Cruises in Southern Europe.
Join us and embark on a career that offers not only the chance to grow professionally but also the opportunity to be part of a global community that makes a difference.
In addition to other duties/functions, this position requires full commitment and support for promoting ethical and compliant culture. More specifically, this position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when they see misconduct or have concerns.
Carnival Corporation & plc and Carnival Cruise Line is an equal employment opportunity/affirmative action employer. In this regard, it does not discriminate against any qualified individual on the basis of sex, race, color, national origin, religion, sexual orientation, age, marital status, mental, physical or sensory disability, or any other classification protected by applicable local, state, federal, and/or international law.

*THIRD PARTY RISK MANAGEMENT LEAD*
WHAT IS THE OPPORTUNITY?
Third Party Risk Management (TPRM) Lead is responsible for providing Enterprise wide third party risk management services, including taking a lead role to define, implement, and maintain a risk framework, operating model, policies, procedures, governance and oversight programs for all lines of business and subsidiaries. CNB established the TPRM program as a second line function, enabling CNB to manage third party risk effectively and efficiently, relative to its size and complexity. The lead is responsible for ensuring the program meets regulatory guidance, aligns with CNB's parent company, and incorporate changes as necessary.
WHAT WILL YOU DO?
* In partnership with the TPRM Program Manager, develop a successful implementation plan consisting of: Assist with the development and execution of an TPRM risk framework, policies and procedures. Direct assessments on key controls and overall compliance with the TPRM program, including the timeliness, completeness, and accuracy of risk assessments. Provide risk-consulting serves to first line third party risk managers for complex arrangements. Develop risk analysis and reporting, including risk metrics, for dissemination to both first line of defense (technology) leadership, risk management committees, CNB's parent holding company, and CNB's regulators. Streamline processes for risk identification and assessment, control assessment, testing and issue management.
* Lead continuous improvement activities and initiatives for TPRM, working with stakeholders, subject matter experts, and analysis of exception reports to define issues, determine root cause, and determine appropriate changes.
* Identify and assess requirements for CNB's GRC system to increase automation, and process effectiveness and efficiency.
* Responsible for reviewing SSAE 18 reports for CNB's third parties and evaluate for completeness, appropriateness, and assess impact to CNB on findings and exceptions to support CNB's Sarbanes Oxley, FDICA, and SOC programs.
* Manage coordination of assignment of resources based on demand and capacity, and required subject matter expertise, including augmenting internal staff with external resources as necessary.
* Ensure appropriate escalate of issues to first line and senior management as required.
WHAT DO YOU NEED TO SUCCEED?
*Required Qualifications**
* Minimum of 7 years of third party risk management, assurance and / or oversight or relevant supplier or third party audit or compliance experience
* Minimum of 4 years of experience in risk and controls for information technology and cybersecurity, appropriately scoping assessments, providing credible challenges, and performing assurance testing.
* Minimum of 4 years working with a GRC system, incorporating continuous improvement for the system and process.
*Additional Qualifications*
* Comprehensive knowledge of third party and information technology risk management processes and methodologies
* Experience using third party risk management /Governance, Risk and Compliance (GRC) systems
* Experience assessing contracts, including master service agreements, statements of work, and license agreements.
* Experience assessing cloud servicing arrangements
* Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management / third party risk management related regulatory requirements, guidance and oversight (OCC 2013-29, Fed SR 13-19 or other relevant third party risk management / vendor management regulation applicable to the financial services industry)
* Currently hold or quickly obtain industry recognized third party risk management or vendor management certification
* Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
* Advanced knowledge of Microsoft Office tools; specifically, Excel, PowerPoint and SharePoint
* Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
*WHAT'S IN IT FOR YOU?*
*Compensation*Starting base salary: $111,408 - $189,738 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
*Benefits and Perks*
At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:
* Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
* Generous 401(k) company matching contribution
* Career Development through Tuition Reimbursement and other internal upskilling and training resources
* Valued Time Away benefits including vacation, sick and volunteer time
* Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
* Career Mobility support from a dedicated recruitment team
* Colleague Resource Groups to support networking and community engagement
Get a more detailed look at our US
Since day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at AND EQUAL OPPORTUNITY EMPLOYMENT*
City National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled.

*THIRD PARTY RISK MANAGEMENT LEAD*
WHAT IS THE OPPORTUNITY?
Third Party Risk Management (TPRM) Lead is responsible for providing Enterprise wide third party risk management services, including taking a lead role to define, implement, and maintain a risk framework, operating model, policies, procedures, governance and oversight programs for all lines of business and subsidiaries. CNB established the TPRM program as a second line function, enabling CNB to manage third party risk effectively and efficiently, relative to its size and complexity. The lead is responsible for ensuring the program meets regulatory guidance, aligns with CNB's parent company, and incorporate changes as necessary.
WHAT WILL YOU DO?
* In partnership with the TPRM Program Manager, develop a successful implementation plan consisting of: Assist with the development and execution of an TPRM risk framework, policies and procedures. Direct assessments on key controls and overall compliance with the TPRM program, including the timeliness, completeness, and accuracy of risk assessments. Provide risk-consulting serves to first line third party risk managers for complex arrangements. Develop risk analysis and reporting, including risk metrics, for dissemination to both first line of defense (technology) leadership, risk management committees, CNB's parent holding company, and CNB's regulators. Streamline processes for risk identification and assessment, control assessment, testing and issue management.
* Lead continuous improvement activities and initiatives for TPRM, working with stakeholders, subject matter experts, and analysis of exception reports to define issues, determine root cause, and determine appropriate changes.
* Identify and assess requirements for CNB's GRC system to increase automation, and process effectiveness and efficiency.
* Responsible for reviewing SSAE 18 reports for CNB's third parties and evaluate for completeness, appropriateness, and assess impact to CNB on findings and exceptions to support CNB's Sarbanes Oxley, FDICA, and SOC programs.
* Manage coordination of assignment of resources based on demand and capacity, and required subject matter expertise, including augmenting internal staff with external resources as necessary.
* Ensure appropriate escalate of issues to first line and senior management as required.
WHAT DO YOU NEED TO SUCCEED?
*Required Qualifications**
* Minimum of 7 years of third party risk management, assurance and / or oversight or relevant supplier or third party audit or compliance experience
* Minimum of 4 years of experience in risk and controls for information technology and cybersecurity, appropriately scoping assessments, providing credible challenges, and performing assurance testing.
* Minimum of 4 years working with a GRC system, incorporating continuous improvement for the system and process.
*Additional Qualifications*
* Comprehensive knowledge of third party and information technology risk management processes and methodologies
* Experience using third party risk management /Governance, Risk and Compliance (GRC) systems
* Experience assessing contracts, including master service agreements, statements of work, and license agreements.
* Experience assessing cloud servicing arrangements
* Knowledge of and experience in designing and operating governance, frameworks and processes to comply with vendor management / third party risk management related regulatory requirements, guidance and oversight (OCC 2013-29, Fed SR 13-19 or other relevant third party risk management / vendor management regulation applicable to the financial services industry)
* Currently hold or quickly obtain industry recognized third party risk management or vendor management certification
* Excellent oral and written communication skills; experience performing both detailed and executive-level documentation
* Advanced knowledge of Microsoft Office tools; specifically, Excel, PowerPoint and SharePoint
* Experience with reporting platforms such as Tableau, SQL scripts, and Microsoft SSRS desirable
*WHAT'S IN IT FOR YOU?*
*Compensation*Starting base salary: $111,408 - $189,738 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
*Benefits and Perks*
At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:
* Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
* Generous 401(k) company matching contribution
* Career Development through Tuition Reimbursement and other internal upskilling and training resources
* Valued Time Away benefits including vacation, sick and volunteer time
* Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
* Career Mobility support from a dedicated recruitment team
* Colleague Resource Groups to support networking and community engagement
Get a more detailed look at our US
Since day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at AND EQUAL OPPORTUNITY EMPLOYMENT*
City National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled.