Vendor Program Manager

Vendor Program Manager

Robert Half is seeking a Program Manager II, Vendor Security Management to work closely with technical and non-technical stakeholders to plan and ensure the enterprises ability to perform critical business processes when faced with extreme operating conditions. This role is responsible for driving Vendor Risk Management planning throughout EIS ensuring that all vendors go through a security assessment and/or renewal in a timely manner. This role supports the EIS department with the development, implementation, and ongoing management of the third-party risk management (TPRM) program. Plans and coordinates all aspects of internal programs that leverage Vendor Risk Management best practices to deliver strategic benefits to the business.





Coordinates work performed by project managers, technical and functional staff across all IT/Business departments, internal customers, and partners, and/or vendors. Programs vary in number, size, and complexity.

Specific responsibilities include:

- Develop and lead programs to shape, build, and communicate the Vendor Security Management strategy in partnership with leadership.
- Develop the creation, refinement, and utilization of Vendor Security KPI’s and external reports to measure effectiveness of the program and strategy.
- Identify and document key program parameters like business objective, benefits definition and realization plan, budget, and schedule, as needed
- Inspire the program team and motivate them to understand and deliver business benefits
- Work with business contacts and other key stakeholders to develop plans, communications mechanisms, and strategies to most effectively drive change throughout the organization






- Actively represent and show presence in the organization as a thought leader and program driver for Vendor Security awareness and oversight through frequent informative news bytes, providing useful and meaningful metrics
- Manages a global program and performs the following responsibilities:

- Conduct ongoing security, privacy, and risk assessments for vendors (risk ratings, security questionnaires, internal communications, tracking, etc.).
- Support the Governance, Risk, and Compliance team with the development, implementation, and ongoing management of the third-party risk management (TPRM) program.
- Interact with all levels of the organization and function as an integral team member in advancing the overall GRC program with respect to third party vendor reviews, risk management policies,





and procedures, operational workflows, and internal audits.
- Learn and understand RH’s risk management policies, procedures and third party risk and compliance program.
- Manage the implementation and maintenance of the TPRM tool (OneTrust) as the central repository for vendor information and assessment.
- Be accountable for TPRM lifecycle activities; including vendor risk assessments, risk methodologies, periodic monitoring and auditing, process documentation, risk remediation, and reporting on assessment outcomes.
- Support security and compliance audits and provide technical and business recommendations to process owners to remediate third party risk findings.
- Broker resource sharing among programs to optimize overall delivery






- Identify improvement ideas and best practices
- Develop and deliver training
- Manage, mentor, and monitor the performance of all program resources assigned to the program
- Define and implement an ongoing a Best Practice Enterprise Vendor Security Management program
- Evaluate risk mitigation efforts as it relates to Vendor Security assessments.
- Develop and implement tools to support vendor security assessments and compliance efforts.
- Advance relationships with Procurement, Security engineering, and Business Leadership teams to drive awareness and adoption of enhanced third party security and risk review processes.
- Collaborate with EIS leadership on program strategy, direction and changes






- Optimize results through highly effective communications at all levels of the organization
- Mentor other PgMs and PMs informally or as assigned
- Deliver effective communications to technical and functional staff, internal partners, customers, and vendors
- Publish objective, regular, and accurate program status to stakeholders.
- Develop and assemble regular communications and presentations for a range of audiences.
- Proactively accommodate changing needs by tailoring standard processes
- Use standard approved processes, tools, and templates, tailoring them as necessary to meet program needs
- Lead projects to improve the program’s maturity, effectiveness, and scalability through automation and process improvements.






- Develop and implement process improvements and be the main point of contact for collaboration with cross-functional stakeholders.
- Establish and drive best practices and governance across all third-party risk management activities to ensure compliance with company policies and regulatory requirements. - Integrat

▶️ Vendor Program Manager
🖊️ Robert Half
📍 Santiago