Fidelity National Financial · 1 day ago
VP, IT Risk Director for Third-Party Risk Management
Fidelity National Financial is seeking a VP, IT Risk Director for Third-Party Risk Management. This leader will be responsible for evaluating, overseeing, and monitoring technology and security risks associated with the company’s third-party relationships, ensuring compliance with internal policies and regulatory expectations.
Finance · Financial Services · Web Hosting
Responsibilities
Define and champion the strategic roadmap for IT risk management within the TPRM program, facilitating alignment with enterprise risk appetite and transformation initiatives
Mature the TPRM IT and Security Program focused on Software, Software as a Service (SaaS), Cloud providers, AI, and other technology products and services
Enhance the process for identifying and monitoring Fourth Party (vendors of third parties) risk and governance
Evaluate third parties’ entity-level and product-specific control environments across areas such as regulatory compliance (e.g., NY DFS, CCPA), cybersecurity posture, access management, data protection, infrastructure and application security, incident response, disaster recovery, and business continuity
Serve as a primary liaison to IT leadership, Information Security, Application Owners, and technology teams on third-party related risks and security considerations
Conduct deeper reviews for higher risk tiered third parties, validating sufficiency of controls and identifying gaps requiring remediation or compensating safeguards
Maintain familiarity with the inventory of existing third-party solutions and provide recommendations of pre-approved alternatives to Third-Party Relationship Managers
Develop remediation plans with appropriate stakeholders
Interpret technical documentation (SOC reports, SIG questionnaires, penetration tests, vulnerability reports, architecture diagrams, etc.) to form defensible risk conclusions
Contribute to the overall design and execution of the enterprise TPRM strategy, focusing on continuous improvement of IT and security components
Enhance methodologies, scoring models, and workflows that support consistent, risk-based third-party evaluations throughout the third-party lifecycle
Monitor emerging technology risks (e.g., AI, cloud concentration) and integrate them into TPRM frameworks
Provide guidance to business units during third-party selection and renewal processes so that risk is appropriately understood and mitigated
Collaborate closely with Third-Party Relationship Managers to strengthen ongoing monitoring activities and overall vendor lifecycle management
Communicate complex technical risks in clear, actionable terms to non-technical stakeholders and senior leadership
Establish strong working relationships with key third parties in partnership with TPRM owners, managing accountability for required remediations, SLA adherence, and continuous control improvement
Monitor risk trends for critical and high-risk third parties, escalating concerns when needed and advising on appropriate risk treatments
Support contract reviews from a technology and security risk perspective, confirming the appropriate IT, security, and data protection requirements are embedded within contracts or statements of work and are aligned with regulatory and privacy standards
Conduct remote reviews of third parties to assess operations, controls, and compliance
Confirm disablement or revocation of third-party access to the company’s systems or data upon termination or inactivation of services
Prepare and deliver reports, dashboards, and briefings to senior leadership, Risk Committees, and auditors/examiners
Develop and maintain key performance and risk indicators to measure program effectiveness and inform senior leadership
Align TPRM activities with regulatory frameworks and guidelines relevant to financial institutions, such as OCC, FDIC, FFIEC, GLBA, and NIST
Maintain documentation, evidence, and artifacts to support audit readiness and regulatory examination expectations
Collaborate with the Procurement team and other stakeholders to enhance the vendor evaluation and selection criteria
Qualifications
Required
Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or related field
Requires 10+ years of experience in IT risk management, information security, cybersecurity, or related roles, with a strong focus on third-party risk
Deep understanding of IT and Security frameworks, such as NIST CSF, ISO 27001, CIS Controls, SOC reporting, and secure development practices
Proven ability to assess inherent and residual technology risk for vendors and applications
Experience collaborating with IT, security, legal, procurement, and vendor risk teams
Strong communication and stakeholder-management skills, with the ability to translate technical risk into business impact
Preferred
Experience in a regulated industry, preferably financial services
Company
Fidelity National Financial
Fidelity National Financial is a provider of title insurance, mortgage services and diversified services.
H1B Sponsorship
Fidelity National Financial has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. The additional information below is provided for reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (1)
2024 (1)
2023 (4)
2022 (2)
2021 (3)
2020 (2)
Funding
Current Stage: Public Company
Total Funding: $2.95B
2024-04-16 · Post IPO Debt · $2.15B
2024-02-16 · Post IPO Debt · $800M
2006-11-10 · IPO
Company data provided by crunchbase