About the Role
The Opportunity
Interested in working for a leading company passionate about creating the future? We are looking for a Director of Third Party Risk Governance & Awareness to join our Corporate Controllership organization!
The ideal candidate will have significant experience and a successful track record in designing, implementing, and leading Third Party Risk Management (TPRM) programs at scale. They will advocate for the program’s success and increase awareness of the importance of TPRM standards and processes.
What You'll Do
Champion and advocate for program maturity and development with key partners across the organization, ensuring alignment with Adobe's overall third-party strategy.
Manage TPRM leadership and governance forums.
Deliver on the program strategy and Steering Committee objectives, optimize the risk identification and mitigation plan for new and existing vendors, benchmark an initial organizational risk tolerance and threshold, and identify relevant regulatory requirements.
Establish clear program metrics, Service Level Agreements (SLAs), and Key Performance Indicators to manage program performance. Use metrics to identify risk areas and opportunities and assess the health of the third-party population.
Regularly assess processes, procedures, tools, and technology integrations. Drive improvements that optimize processes, increase compliance, and enhance cross-functional insights.
Develop and improve Standard Operating Procedures, policies, and other program documentation to define clear roles and responsibilities.
Manage the third-party risk management control requirements and framework.
Lead the creation and execution of awareness programs to educate internal stakeholders on third-party risk management practices.
Stay current with industry trends and best practices in third-party risk management and incorporate them into Adobe’s third-party risk practices.
Establish a risk-based approach to TPRM that ensures risk management activity is commensurate with the level of risk applicable for a given third party.
Coordinate risk management activities and establish clear roles, responsibilities, and ownership.
Lead and report on SLAs, quality, effectiveness, compliance, and efficiency of TPRM activities completed throughout the lifecycle.
Establish a feedback model to collect and assess recommendations from end users and implement continuous operational improvements.
Requirements
What You Need To Succeed
- 10+ years of experience leading teams and driving top-down, critical initiatives.
- Experience in inspiring change and leading a large-scale risk management framework in a large, fast-paced technology company.
- A deep understanding of the different risk domains pertaining to third parties (e.g., information security, privacy, compliance, etc.) and their unique requirements.
- Strong experience addressing senior-level leadership and the ability to collaborate and lead cross-functional teams and initiatives.
- Familiarity with risk frameworks (e.g., NIST Risk Management Framework - SP 800-53) and basic awareness and understanding of software supply chain security standards, such as Google’s SLSA, NIST SSDF, and the CIS Benchmark.
- Certifications such as CISSP, CRISC, CISM, and PMP preferred.
- Experience optimizing risk management or large scale transformational programs for efficiency.
About the Company
Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.
We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!