Ensemble Health Partners logo
Ensemble Health Partners

Ensemble Health Partners is a hospital and healthcare company that partners with client hospitals to help them develop processes, train teams, reach their finan

Manager, Cybersecurity Governance, Risk & Compliance

Location

United States

Posted

3 days ago

Salary

$118K - $167.7K / year

Seniority

Lead

Bachelor Degree8 yrs expEnglishCyber Security

Job Description

Manager, Cybersecurity Governance, Risk & Compliance

Ensemble Health Partners

• The Cybersecurity Manager – Third-Party Risk Management (TPRM) is responsible for the operational leadership, effectiveness, and continuous maturation of the organization's Third-Party Risk Management program. • Working closely with the Director of TPRM, this role leads a team responsible for vendor risk assessments, contract security reviews, continuous monitoring, remediation governance, and risk reporting activities. • Provide day-to-day leadership, guidance, and oversight for TPRM team members. • Coach, mentor, and develop team members through performance feedback, career development planning, training opportunities, and formal performance evaluations. • Manage team capacity, workload prioritization, resource allocation, and operational challenges to ensure timely delivery of assessments, contract reviews, strategic initiatives, and departmental objectives. • Accountable for team performance, service delivery metrics, quality standards, and achievement of operational goals. • Identify staffing, skillset, and resource needs to support current operations and future program growth. • Foster a culture of accountability, collaboration, innovation, and continuous improvement. • Provide operational oversight and quality assurance for third-party risk assessments, contract security reviews, continuous monitoring activities, and risk evaluations, ensuring consistent application of established methodologies and quality standards. • Own the operational health of the enterprise third-party portfolio by ensuring assessment service levels, continuous monitoring, remediation tracking, and executive visibility objectives are achieved. • Serve as the primary escalation point for complex vendor risk decisions, including risk acceptances, exceptions, compensating controls, remediation plans, and vendor approval recommendations. • Review and approve high-risk assessment findings, risk ratings, remediation recommendations, and exception requests to ensure consistency with enterprise risk standards. • Collaborate with business stakeholders on critical vendor engagements and initiatives.

Job Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Information Systems, Computer Science, or a related field, or equivalent combination of education and experience.
  • Minimum 8 years of cybersecurity, risk management, governance, compliance, or third-party risk management experience.
  • Minimum 2-3 years of direct people leadership experience.
  • Experience leading enterprise Third-Party Risk Management programs or significant cybersecurity governance initiatives.
  • Experience developing executive-level reporting, performance metrics, and strategic communications.
  • Demonstrated experience leading teams responsible for complex vendor risk assessments and cybersecurity evaluations.
  • Strong understanding of third-party risk management practices, cybersecurity controls, and risk assessment methodologies.
  • Experience developing policies, standards, and governance processes within cybersecurity or risk management functions.
  • Strong project management, organizational, and analytical skills.
  • Excellent written, verbal, and presentation skills with the ability to communicate effectively to both technical and executive audiences.
  • Ability to balance strategic planning with hands-on execution in a dynamic environment.

Benefits

  • healthcare
  • time off
  • retirement
  • well-being programs
  • professional certification opportunities
  • tuition reimbursement
  • quarterly and annual incentive programs

Related Categories

Related Job Pages

More Security Engineer Jobs

Highmark Health logo

Principal Information Security Architect – Data Security

Highmark Health

Creating remarkable health experiences, freeing people to be their best.

Full TimeRemoteTeam 10,001+Since 1852H1B Sponsor

• Develop systems and component architectures and APIs that meet the test of time. • Articulate and evangelize architectural principles reciprocally with engineering, architecture and product teams that ensure system components fit securely, are sustainable, and align with company’s business direction. • Analyze and recommend novel technologies, architectural solutions (and associated business cases) to the various technology executives across the company which simultaneously optimize value, risk, spend & design footprints. • Influence enterprise solutions architects and engineers to define, develop, maintain, and communicate the technology and platform strategy, guidelines, and re-usable design patterns to all levels including the Highmark Health executive team. • Work with external and internal engineering teams to provide continuous architecture and design mentorship/leadership and be a source of support that ensures successful product delivery and operational excellence in production, including leadership and support for application development and change management activities. • Establish relationships with key architects and executive technology leadership across the enterprise technology organization and collaborate on promoting architectural standard methodologies. • Collaborate with key internal and external partners such as security, developers, development managers, product and program management and senior technical and business executives to drive the Architecture strategy, reference enterprise architecture documents, functional specifications, designs, and architectural libraries. • Resolve approaches for new areas by quickly investigating and synthesizing the state of the art and available technologies including leading the development of enterprise solutions which meet current and future business requirements. • Take a consultative approach to develop, present and share the value and vision of proposed architectures and solutions to a wide audience. • Promote architecture standard methodologies and mentor key technical people within the Data Product organization. • Champion a culture of innovation in an environment that requires high levels of scalability, security and reliability for our most critical enterprise cloud and 'on premise' applications and infrastructure.

Louisiana + 4 moreAll locations: Louisiana | North Carolina | Maryland | Pennsylvania | Washington
$129.1K - $214.5K / year
HIKINEX logo

Security Consultant

HIKINEX

Design Your Dream Team

ContractRemoteTeam 201-500H1B No Sponsor

• Design and implement security best practices for application modernization and cloud migration initiatives. • Secure ASP.NET Core applications using modern authentication and authorization frameworks. • Configure and manage AWS security services, including IAM, Secrets Manager, Parameter Store, KMS, WAF, GuardDuty, and CloudTrail. • Implement security logging, monitoring, and observability using CloudWatch, OpenTelemetry, and structured logging. • Manage secrets, encryption, and least-privilege access controls across cloud environments. • Conduct security reviews for application and database modernization projects. • Ensure the protection of PHI/PII data through secure cloud architecture and security best practices. • Collaborate with development, infrastructure, and project teams to ensure compliance with security standards and regulatory requirements.

Maryland
Anomali logo

Senior Account Executive, SIEM, Security Analytics

Anomali

Intelligence-Driven Extended Detection and Response (XDR)

Full TimeRemoteTeam 201-500Since 2013H1B Sponsor

• This position will focus on full life cycle field sales and enterprise account development/expansion in the Ohio Valley region, based in Michigan.

Michigan
Full TimeRemoteTeam 10,001+Since 1993H1B Sponsor

• Define the Product Strategy: Turn emerging AI security risks, customer needs, and research breakthroughs into a focused roadmap for agentic AI security platforms. • Lead Cross-Functional Execution: Align research, engineering, security, data, evaluation, runtime, trust and safety, legal, policy, and go-to-market teams around a clear plan. • Build Evaluation and Safety Platforms: Drive open evaluation harnesses, model and agent safety workflows, disclosure processes, and trusted reporting systems. • Advance Secure Agent Runtime Architecture: Shape product direction for secure runtimes, enforcement layers, BlueField, OpenShell, NeMo Security, and related platform capabilities. • Develop Defensive Agent Systems: Lead product thinking for defender swarms, ThreatOps workflows, cybersecurity expert agents, and enterprise-ready security automation. • Partner Across the Ecosystem: Work with strategic partners, including hyperscalers, security vendors, AI labs, and enterprise customers, to validate use cases and bring solutions to market. • Drive Narrative and Market Readiness: Partner with developer relations, product marketing, communications, government affairs, and legal teams to shape the external story and support adoption.

California + 3 moreAll locations: California | New York | Maryland | Virginia
$480K - $690K / year