Overview:
- HealthEquity relies on a broad ecosystem of third party partners, vendors, and service providers to support member, client, and teammate experiences.
- The Director of 3rd Party Risk is a strategic leadership role responsible for overseeing and evolving the third-party risk management program into an enterprise-wide, AI-aware risk governance capability.
What You'll Be Doing:
- Develop and execute a transformational third-party risk strategy that integrates cybersecurity, privacy, resiliency, financial, operational, contractual, reputational, and AI risks into enterprise goals.
- Design policies, standards, playbooks, and scalable processes to streamline third party intake, risk assessments, issues management, offboarding, and continuous monitoring.
- Establish meaningful KRIs, KPIs, dashboards, and management routines that demonstrate whether the program is buying down third-party risk.
What You Will Need to Be Successful:
- Bachelor’s Degree in Computer Science or Engineering, or a related technical field, with 12+ years of combined experience in information security.
- Ability to transform a third-party risk program from activity-based execution to measurable enterprise risk reduction.
- Knowledge of AI technologies, governance concepts, and third-party AI risks, including AI-use disclosure, data protection, and agentic workflow controls.