.svg)
Blackfluo.ai
Third-Party Risk Management (TPRM) Specialist
TPRM Specialist at Blackfluo.ai (Paris). Assess vendor cybersecurity risks, manage compliance (GDPR/CCPA/HIPAA), develop security policies, monitor threats. 6+ yrs TPRM/vendor risk exp required.
ServiceNow Role Type:
ServiceNow Modules:
Governance, Risk, and Compliance
Incident Management
Third-Party Risk Management
ServiceNow Certifications (nice to have):
Certified Implementation Specialist - Third-Party Risk Management
Job description
Posted on:
December 11, 2025
We are seeking a Third-Party Risk Management Specialist to assess, monitor, and manage cybersecurity and privacy risks associated with vendors, suppliers, and business partners.
Requirements
- Conduct comprehensive security and privacy risk assessments for new and existing third-party vendors
- Implement continuous monitoring programs for vendor security posture and threat intelligence
- Manage vendor risk registers and maintain risk profiles throughout vendor relationship lifecycles
- Develop and negotiate security requirements, SLAs, and contractual risk allocation clauses
- Ensure vendor compliance with regulatory requirements (GDPR, CCPA, HIPAA, SOX) and industry standards
- Coordinate remediation activities for identified vendor security deficiencies and gaps
- Establish risk-based vendor categorization and tiered assessment approaches
- Develop comprehensive TPRM policies, procedures, and governance frameworks
- Establish vendor security standards and minimum security requirements for different risk tiers
- Create vendor onboarding and offboarding security procedures including data return and destruction
- Implement supply chain threat intelligence and geopolitical risk monitoring programs
Requirements Summary
6+ years experience in third-party risk management, vendor assessment, or supply chain security, Bachelor's degree in Risk Management, Cybersecurity, Business Administration, or related field
