The New York Times · 1 month ago
Third-Party Risk Sourcing Manager
The New York Times is a leading media organization committed to independent journalism. The Third-Party Risk Sourcing Manager will lead third-party risk due diligence efforts, collaborating with various departments to manage risks and support sourcing programs.
Digital Media · Journalism · News
Responsibilities
Perform initial reviews for low/medium-risk vendors. During these reviews, you will examine evidence to identify gaps and residual risk. This evidence includes SIG/SIG Lite, CAIQ, SOC 2 Type II, ISO 27001, PCI SAQ/AoC, DPAs, BC/DR, and VAPT summaries. Evaluate and escalate high-risk vendors to internal subject matter experts and coordinate mitigation actions and follow up
Lead time-bound risk review meetings and escalations with subject matter experts. You will maintain using risk guides, document decisions and risk acceptance, coordinate mitigations, and track remediation to closure
Manage Third-Party Risk Management (TPRM) inventory and assessment service level agreements. You will support incident response and vendor issue management. Additionally, you will process metrics involving publishing dashboards that track cycle time, backlog age, assessments, and remediation closure, and delivering partner training
Tail-spend sourcing: Increase delivery velocity with risk-appropriate approaches; apply guides, informal RFx, and negotiation strategies
Intake/help desk: Serve as the front door for sourcing requests; maintain service level agreements and measure requester satisfaction
Efficient contracting: Use standard templates and establish fallback positions to manage Legal escalations
Enablement and continuous improvement: Improve adoption of Sourcing templates and guides; refine Sourcing intake workflows to apply risk-appropriate effort
AI-assisted workflows: Design and operationalize AI-assisted processes (with guardrails) for Sourcing tasks
Demonstrate support and understanding of our value of journalistic independence and a commitment to our mission to seek the truth and help people understand the world
Qualification
Required
5+ years of experience in third-party risk management, vendor risk, IT risk, or adjacent governance roles, with hands-on due diligence and assessment experience
Proficiency in reviewing vendor security/privacy evidence
Familiarity with contractual terms in procurement, including limitation of liability, indemnities, confidentiality and Service Level Agreements
Knowledge of TPRM systems (e.g., ProcessUnity, Navex, Whistic) and intake-to-pay systems (preferably Zip)
Understanding of external ratings from providers like BitSight, SecurityScorecard, and others
Familiarity with frameworks is important. These include the National Institute of Standards and Technology Cybersecurity Framework, ISO 27001/27701, SOC 2, and PCI DSS. Additionally, knowledge of privacy regulations is necessary, such as the General Data Protection Regulation and California Privacy Rights Act
Experience managing queues against service level agreements and prioritizing trade-offs
Bachelor's degree or equivalent practical experience
Preferred
5+ years of experience in Financial Services or other regulated sectors
CTPRP, CRISC, or relevant security/risk certificates
Company
The New York Times
The New York Times is powered by the idea that independent, deeply reported journalism fuels a healthy and engaged society.
H1B Sponsorship
The New York Times has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (40)
2024 (20)
2023 (21)
2022 (36)
2021 (27)
2020 (36)
Funding
Current Stage
Late Stage
Company data provided by crunchbase