Job Requisition ID #
26WD95022
Position Overview
Join Autodesk's dynamic Third-Party Risk Management (TPRM) team, where you will be instrumental in identifying and evaluating the technical security risks associated with our third-party vendors. You will collaborate closely with cross-functional teams, including IT, Information Security, Procurement, and Legal, to effectively manage and mitigate third-party risks, while empowering business leaders through education and strategic guidance.
Your role encompasses overseeing the entire lifecycle of third-party risk management, including robust technical due diligence during onboarding, ongoing assessments, and off-boarding procedures. You'll assess emerging risks from innovative technologies like Artificial Intelligence (AI) and data management solutions, driving a secure business growth strategy.
This is a unique opportunity to blend leadership, program management, and technical expertise. We are searching for a candidate who can wear multiple hats with skill and confidence.
Note: Due to U.S. government contracting and FedRAMP compliance obligations, U.S. citizenship or U.S. lawful permanent residency is required for this position.
Responsibilities
Set team goals and collaborate with direct reports to develop strategies for execution, measure progress, and celebrate results.
Evaluate technical security risks of third-party vendors during initial due diligence, integration, and re-assessment, focusing on security, data privacy, and compliance risks.
Enhance Autodesk's TPRM systems through improved workflows and risk quantification models, utilizing tools like OneTrust.
Work with Legal and business leaders to integrate comprehensive Trust requirements into vendor contracts, ensuring compliance with relevant frameworks (e.g., GDPR, SOC 2).
Engage with high-risk vendors to analyze their security posture and advocate for necessary improvements.
Streamline processes for third-party evaluations, continuous monitoring, and off-boarding to enhance efficiency and scalability.
Maintain a detailed inventory and risk register of third parties, presenting insights and trends to senior leadership.
Assist internal teams in investigating and resolving third-party-related security incidents, establishing clear escalation and remediation protocols.
Oversee team management aspects, including staffing, scheduling, performance management, and professional development.
Foster an atmosphere that attracts, retains, and motivates team members to meet organizational goals.
Utilize critical thinking skills to analyze complex workflows and address challenges without continual guidance.
Effectively communicate risks and solutions based on business context to various stakeholders, including senior executives.
Commit to creating rapid value through quick wins, while also planning for long-term effectiveness.
Demonstrate strong change management abilities to ensure successful implementation of strategies.
Communicate clearly and effectively to influence leadership and partners regarding program design and operational models.
Minimum Qualifications
7+ years in technical third-party security reviews or as a principal technical risk assessor within a technology setting.
3+ years in people leadership, preferably in a remote or hybrid environment.
Relevant professional certifications (e.g., CISSP, CISM, CIPP).
Experience with TPRM tools (such as OneTrust or BitSight).
Familiarity with security concepts like IAM, APIs, and software supply chain risks.
Demonstrated aptitude for process automation through scripting or utilizing AI technologies.
Exceptional verbal and written communication skills with a talent for engaging stakeholders remotely.
Ability to convey complex technical risks to non-technical audiences, including executives.
Preferred Qualifications
Experience in negotiating vendor contracts and defining Trust requirements.
Understanding and application of risk quantification frameworks (e.g., FAIR).
Background in building risk management programs with a focus on automation and continuous monitoring.
Knowledge of AI concepts and their associated security risks, especially concerning LLMs.
The Ideal Candidate
Committed to nurturing and growing the skills and capabilities of their team in a fast-paced remote environment.
Able to seamlessly transition between strategic vision and day-to-day operations as a knowledgeable contributor.
About Autodesk
At Autodesk, we empower creators and innovators who are shaping the future with our software. Whether it’s sustainable buildings, advanced manufacturing, or spectacular films, our technology facilitates remarkable creations every day.
Our culture is pivotal to our success, driving how we collaborate, engage with customers, and approach the world. When you join Autodesk, you become part of a mission to create a better future for all.
Benefits
We provide a comprehensive benefits package, ensuring that our employees can perform at their best while achieving personal and professional goals.
Salary Transparency
For this role, starting base salaries range from $136,000 to $243,210, based on experience and location. Compensation may also include bonuses, stock options, and additional benefits.
Equal Employment Opportunity
At Autodesk, we celebrate diversity and provide equal opportunities to all applicants, regardless of their background.
Diversity & Belonging
We are committed to fostering a culture of belonging where everyone has the opportunity to thrive.