Apply on Employer Site

CoreWeave · 15 hours ago

TPRM Technical Program Manager

Livingston, NJ

Full-time

Hybrid

Mid, Senior Level

$143K/yr - $210K/yr

4+ years exp

CoreWeave is The Essential Cloud for AI™, providing a platform that enables innovators to build and scale AI with confidence. The TPRM Technical Program Manager will work with cross-functional teams to build leading TPRM programs across all phases of the vendor lifecycle, contributing directly to the company's security and privacy objectives.

AI InfrastructureArtificial Intelligence (AI)Cloud ComputingCloud InfrastructureInformation TechnologyMachine Learning

No H1B

U.S. Citizen Only

Responsibilities

Contribute to the the Third-Party Risk Management (TPRM) strategy and roadmap, ensuring alignment with CoreWeave's overall security, privacy, and business objectives

Oversee & execute third party security risk assessments, including analysis of appropriate security controls, contract requirements, and compliance documentation

Define TPRM methodologies and operational workflows

Drive cross-functional consensus among stakeholders to standardize TPRM processes and controls across the entire vendor lifecycle

Act as the primary subject matter expert (SME) for technical TPRM risks, effectively communicating complex concepts and remediation strategies to technical and executive audiences

Develop, implement, and automate technical risk assessment methodologies, focusing on high-risk domains such as cloud security, data processing/privacy, and secure SDLC

Tailor communications to a diverse audience and remain adaptable to a wide range of personalities and technical depth

Qualification

Third Party Risk ManagementCloud securityTechnical risk assessmentSecurity certificationsVendor lifecycle managementProject managementCommunication skillsCollaborationAdaptability

Required

4+ years of hands-on experience in Third Party Risk Management, including demonstrable experience building or maturing a TPRM program in a fast-paced, high-growth, or cloud-native environment

A Bachelor's degree in Information Security, Computer Science, or a related field or equivalent job experience

Adept understanding of procurement and vendor lifecycle management

Adept understanding of security concepts, including relevant certifications (ex. CISSP, Security+)

Familiarity with industry-standard control frameworks and regulations (e.g., SOC 2, ISO 27001, NIST CSF, PCI DSS, GDPR, CCPA)

Strong project and program management skills, including planning, scheduling, risk identification, and resource allocation

Demonstrated ability to influence without direct authority and collaborate effectively with diverse stakeholders, including Engineering, Procurement, Legal, and external vendor teams

Exceptional written and verbal communication skills, with the ability to articulate technical risks and program status clearly to both technical engineers and executive leadership