Vendor Security Program Manager

OpenAI

Location:
United States, San Francisco

Contract Type:
Not provided

Salary:

165600.00 - 335000.00 USD / Year

Job Description:

As a Program Manager within the Vendor Security team, you will play a crucial role in protecting our organization against external risks posed by suppliers, vendors, partners, and hardware manufacturers. Your responsibilities will include conducting comprehensive security assessments, building a program to manage global supply chain and vendor risks, and driving security initiatives across all of our third-party relationships. You will be analytical, detail-oriented, and proactive, capable of translating complex security evaluations into clear, actionable strategies. The role is expected to operate with a strong point of view on risk. You will be responsible not only for identifying and documenting vendor and supply-chain risk, but for helping the company make informed trade-offs between speed, scale, and security. This role requires exceptional organizational skills, the ability to effectively communicate across different business functions, and a strong commitment to operational excellence in a dynamic environment.

Job Responsibility:

  • Be the interface for Security to the rest of the organization for vendors
  • Own vendor security risk decisions and escalation paths, including clearly documenting risk acceptance, mitigation plans, and executive-level trade-offs when security requirements cannot be fully met
  • Conduct deep, evidence-based security assessments of third parties, including review of architectures, configurations, controls, logs, and operational practices - moving beyond questionnaires and attestations to validate real-world security posture of vendors
  • Assess and manage security risk across a diverse vendor landscape, including SaaS providers, cloud and infrastructure partners, hardware manufacturers, chip suppliers, and other strategic or high-impact suppliers
  • Develop, build, and continuously improve the vendor security program and security supply chain risk management function at OpenAI
  • Develop, propose, and implement effective controls to mitigate identified vendor risks
  • Build and maintain collaborative partnerships with key internal stakeholders including Infrastructure Security, Product, Engineering, Legal, Procurement, and Threat Intelligence to ensure comprehensive security coverage of the vendor and third-party supply chain
  • Streamline and automate vendor and supply chain security processes to increase efficiency and reduce manual overhead

Requirements:

  • Proven experience conducting third-party or supply chain security assessments, including building and scaling a vendor management security program
  • An in-depth understanding of information security principles and controls, including data protection, access management, proactive and reactive security measures, and application security
  • Comfort operating in ambiguity, with the ability to form defensible security opinions even when information is incomplete, timelines are compressed, or business pressure is high
  • Strong technical and analytical skills, with a demonstrated ability to identify and assess risks from external incidents and industry breaches
  • Familiarity with workflow optimization tools such as Zip and OneTrust
  • A passion for integrating new AI technologies into your solutions
  • Exceptional verbal and written communication skills with the capability to clearly articulate complex security concepts to diverse audiences
  • A proactive mindset and desire to own and drive security initiatives within a fast-paced environment
  • Knowledge of key security frameworks and standards such as ISO-27001, NIST 800-53, SOC 2, and understanding of key regulatory requirements such as the Trade Agreement Act (TAA)

What we offer:

  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Relocation support for eligible employees
  • Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided
  • Offers Equity
  • Performance-related bonus(es) for eligible employees

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Vendor Security Program Manager

Program Manager

IMC is looking for a program manager (PM) to lead a diverse team of individuals ...
Location:
United States, Washington, D.C. area
Salary:
100000.00 - 175000.00 USD / Year
Innovative Management Concept
Expiration Date:
Until further notice
Requirements:
  • Current Project Management Institute (PMI) Project Management Professional (PMP) certification
  • Pursuant to a government contract, this specific position requires U.S. Citizenship
  • This position may require an active government security clearance or be able to obtain such clearance
  • Bachelor’s or master’s degree in computer or management discipline
  • Minimum of 10 years of project/program management experience with extensive experience managing complex and multi-faceted IT projects
  • Work independently with little to no oversight
  • Ability to accommodate multiple projects
  • Leading and participating in project teams comprised of government and contract personnel
  • Ability to communicate at all levels, verbally and written, and conduct meetings and presentations
  • Interpersonal skills for dealing with internal and external customers as well as a diverse staff group
Job Responsibility:
  • Lead, manage, and provide overall task order leadership and oversight for a complex IT contract
  • Develop and execute the strategy to ensure compliance with the statement of work, IMC quality expectations, and overall program success
  • Provide strategic planning and service management support to the team and advise the customer
  • Provide leadership to, management of, and support for teams engaged in program and project management, change management, requirements management, schedule management, risk management, process improvement, training, requirements gathering, and all related initiatives
  • Develop and provide detailed program status reports as required
  • Set and track project milestones; manage and account for unforeseen delays, then realign schedules and expectations as needed
  • Establish and implement project communication plans, providing status updates to affected staff and stakeholders
  • Develop, maintain, and grow customer relationships
  • Ensure project documents are complete, current, and stored appropriately
Employment Type:
Fulltime

D&T Senior Program Manager - Networks

The Snr. Programme Manager is responsible for managing and overseeing complex IT...
Salary:
Not provided
Aramex
Expiration Date:
Until further notice
Requirements:
  • A university degree in Management Information Systems, Computer Science or related field is essential
  • Minimum 12–15 years of experience in IT
  • At least 9–11 years in leading complex, multinational network and infrastructure projects
  • Experience in: global SD-WAN rollouts and ISP consolidation; network segmentation and security zone implementations; on-prem to cloud network transformation across hybrid environments (Azure, AWS, OCI)
  • Strong understanding of network governance, performance management (NPM/APM), cloud connectivity models (VPN/Direct Connect/ExpressRoute), and high availability designs
  • Strong understanding of IT Governance, processes, and methodologies – waterfall and agile methodologies and qualifications
  • Excellent leadership, communication, and analytical skills
  • Excellent knowledge of performance evaluation techniques and key metrics
Job Responsibility:
  • Manage and oversee complex IT projects from inception to completion
  • Ensure projects are delivered on time, within budget, and to the specified quality standards
  • Strategic planning, resource allocation, risk management
  • Lead IT project teams to achieve project goals
  • Maintain strong communication with stakeholders
  • Manage project budgets
  • Ensure compliance with relevant regulations and quality standards
  • Monitor project performance
  • Implement continuous improvement practices
  • Document all project activities

Digital Governance and Vendor Management Lead

The Digital Governance Sr Analyst drives excellence through strategic oversight ...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 7-10 years experience in Compliance and Risk Management
  • Strong understanding of digital franchise operations and emerging technology risks
  • Track record of success in leading critical projects with excellent influencing skills
  • Ability to create relevant strategy and lead ideation processes with stakeholders through to implementation phases
  • Strong verbal, written communication and presentation skills
  • Proven ability to thrive in a dynamic, fast-paced environment with minimal guidance and supervision
  • Expertise in regulatory mapping and change impact analysis methodologies
  • Demonstrated experience in third party risk assessment and vendor lifecycle management
Job Responsibility:
  • Perform comprehensive regulatory mapping exercises to identify applicable requirements across business operations
  • Conduct regulatory change impact analysis to assess effects of new and evolving regulations on business processes
  • Prepare documentation, arrange for evidence collection and manage impact assessments and escalations
  • Execute primary business owner responsibilities encompassing the entire cycle from onboarding to ongoing monitoring and offboarding processes
  • Analyze and review quarterly regulatory monitoring results, identify gaps and implement suitable corrective actions
  • Serve as a key liaison in managing third party vendor relationships and oversight programs
  • Work closely with various enterprise functions such as Risk, Operations, Compliance, Legal, Data Security and Fraud teams
  • Facilitate cross-functional regulatory interaction lifecycle management
  • Ensure adherence to controls frameworks by developing standards that promote consistency of processes across the organization
  • Track and monitor internal compliance issues, regulatory commitments and enforcement actions
What we offer:
  • Extensive on-the-job training and exposure to senior leaders
  • Traditional learning opportunities
  • Chance to give back and make a positive impact through volunteerism
  • Resources to meet unique needs
  • Empowerment to make healthy decisions
  • Support for managing financial well-being and planning for future
Employment Type:
Fulltime

Digital Governance and Vendor Management Lead

The Digital Governance Sr Analyst drives excellence through strategic oversight ...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 7-10 years experience in Compliance and Risk Management
  • Strong understanding of digital franchise operations and emerging technology risks
  • Track record of success in leading critical projects with excellent influencing skills
  • Ability to create relevant strategy and lead ideation processes with stakeholders through to implementation phases
  • Strong verbal, written communication and presentation skills
  • Proven ability to thrive in a dynamic, fast-paced environment with minimal guidance and supervision
  • Expertise in regulatory mapping and change impact analysis methodologies
  • Demonstrated experience in third party risk assessment and vendor lifecycle management
Job Responsibility:
  • Perform comprehensive regulatory mapping exercises to identify applicable requirements across business operations
  • Conduct regulatory change impact analysis to assess effects of new and evolving regulations on business processes
  • Champion process automation initiatives and AI incorporation across operational process flows and manual oversight activities
  • Conduct deep-dive analysis to identify optimization opportunities and streamline workflows
  • Execute primary business owner responsibilities encompassing the entire cycle from onboarding to ongoing monitoring and offboarding processes
  • Analyze and review quarterly regulatory monitoring results, identify gaps and implement suitable corrective actions
  • Serve as a key liaison in managing third party vendor relationships and oversight programs
  • Work closely with various enterprise functions such as Risk, Operations, Compliance, Legal, Data Security and Fraud teams
  • Facilitate cross-functional regulatory interaction lifecycle management
  • Ensure adherence to controls frameworks by developing standards that promote consistency of processes across the organization
What we offer:
  • Extensive on-the-job training and exposure to senior leaders
  • Traditional learning opportunities
  • Volunteerism opportunities
  • Resources to meet unique needs
  • Empowerment to make healthy decisions
  • Financial well-being support
  • Career planning assistance
Employment Type:
Fulltime

Data Governance Program Manager

Digital Transformation PMO - Data Governance Program Manager. This role is accou...
Location:
Singapore, Singapore
Salary:
Not provided
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in IT, Computer Science, Software Engineering, Data, Business Analytics or equivalent
  • Minimum 10 years of experience in data or corporate governance setup and operationalization
  • Experience in SAP MDG, S4 HANA roll out, Data Harmonization and Data Cleansing
  • Experience in Material, Vendor, BOM master Data
  • Certification in industry standard data architecture discipline or similar (e.g. DCAM, DAMA)
  • Experience in operating under Data Office organization
  • Expert in consulting and helping business to develop data quality business rules, data catalogue, business glossary
  • Ability to develop, implement & optimize complex data governance solution and issues
  • Experience in Data, Privacy, Protection implementations & operationalization
  • Experience in Big Data and associated platform / technology knowledge
Job Responsibility:
  • Establish, develop and optimize Data Governance Framework, Policy, Process & associated business program / solutions implementations for Global Operation team
  • Define data governance, data management frameworks and solutions together with Chief Data Officer team, IT and Global Operation functional groups
  • Support business units in digital transformation journey with data governance
  • Enable Data Governance framework including managing the objectives, approach, processes, policies and procedures around data governance
  • Build robust and scalable data governance ecosystem to support business needs
  • Define data governance operational processes (e.g., data quality measurement, metadata management) in accordance with policies and standards
  • Provide expert consultation to business units to establish and maintain data policies and standards that enable use-cases
  • Provide expert consultation to assist business units in identifying and setting up critical data elements, including the setup of data lineage, data catalogue and data quality
  • Work collaboratively & consultatively with chief data officer, business units, IT to deliver enterprise objectives around data governance
  • Identify, design, and implement internal process & framework improvements: automating manual operational processes and control for data governance implementation
What we offer:
  • Health & Wellbeing comprehensive suite of benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion in an inclusive environment
Employment Type:
Fulltime

Program Manager, Physical Sciences

The Program Manager will be responsible for various activities in support of the...
Location:
United States, Manhattan
Salary:
75000.00 USD / Year
The New York Academy of Sciences
Expiration Date:
Until further notice
Requirements:
  • PhD required in an appropriate subject area of Physical Sciences, including but not limited to: Astrophysics; Atomic, Molecular & Optical Physics; Chemical Engineering; Condensed Matter Physics; Electrical Engineering; Materials Science; Mechanical Engineering; Particle Physics; Physical Earth Sciences; Theoretical Physics
Job Responsibility:
  • Work with the Senior Leadership to identify, select, and establish ongoing relationships with an international cadre of judges, Scientific Advisory Council members, nominators, nominating institutions, and affiliated partners.
  • Review nominations in broad disciplinary areas of physical sciences, evaluating each application according to rigorous quantitative and qualitative metrics.
  • Serve as primary point of contact for judges in your topic area and programs; facilitate nominee/applicant evaluation and honoree selection by juries of expert scientists, conducted both online and in-person.
  • Coordinate the preparation of multimedia materials for broad audiences that explain the impact of the honorees’ complex scientific research.
  • Conceptualize and develop scientific programming for international and domestic symposia that showcase honoree research for scientific and lay audiences.
  • Work with the Academy’s Senior Leadership team as well as various administrative and operations departments, affiliated partners, and other vendors as needed to develop and execute domestic and international award ceremonies and other program events.
  • Collaborate across Academy departments to identify potential opportunities for ongoing honoree engagement in additional Academy initiatives and publications.
  • As needed, work with the Senior Vice President, Life Sciences to conceptualize, organize, secure financial support for, and convene scientific conferences and programming in various areas of physical sciences and engineering.
What we offer:
  • affordable health insurance
  • retirement plan with matching employer contribution
  • personal & career development stipend
  • liberal paid time off policies
Employment Type:
Fulltime

Information Security Manager

The Information Security Manager for the KSA Business Unit will be responsible f...
Location:
Saudi Arabia, Khobar
Salary:
Not provided
Allianz
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Information Security, Computer Science, or a related field
  • Professional certifications such as CISSP, CISM, CISA, or equivalent are highly preferred
  • Minimum of 7 years of experience in information security, with at least 3 years in a managerial role
  • Strong knowledge of KSA cybersecurity regulations, including NCA and SAMA frameworks
  • Experience in implementing and managing security controls, risk assessments, and incident response
  • Familiarity with international security standards (ISO 27001, NIST, etc.)
  • Excellent leadership, communication, and stakeholder management skills
  • Ability to work effectively in a regional and multicultural environment
Job Responsibility:
  • Work closely with the Compliance function to ensure compliance with KSA cybersecurity regulations
  • Ensure adherence to and enforcement of Nextcare’s security policies and guidelines across the KSA business unit
  • Identify, assess, and mitigate security risks, ensuring appropriate controls are in place to protect sensitive information and IT infrastructure
  • Lead security incident response efforts, including investigation, containment, and reporting to relevant authorities
  • Promote cybersecurity awareness across the business unit and conduct training programs for employees
  • Assess and monitor security risks associated with vendors, partners, and third-party service providers
  • Act as the key liaison between the KSA business unit and the regional security team, providing reports on security posture, incidents, and compliance status
  • Oversee security operations, ensuring continuous monitoring, threat detection, and vulnerability management
  • Implement and manage security controls, including Antivirus & Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Proxy Solutions, Email Security, and other controls
  • Stay updated on the latest cybersecurity threats, trends, and industry best practices to strengthen the organization's security posture
Employment Type:
Fulltime

Legal Third-Party Management and Information Security Risk Lead

As part of the Legal Outside Counsel, Third Party Management and Operations team...
Location:
United Kingdom, Belfast
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Ability to assess residual risk in complex vendor environments and make sound defensible recommendations
  • Experience applying risk-based frameworks to prioritize issues and mitigation efforts
  • Strong interpersonal skills for engaging legal, compliance, technology, procurement and senior risk stakeholders
  • Proficiency in creating clear and concise reports, dashboards and governance experience
  • Leading or supporting cross functional projects, ability to support risk transformation initiatives, and integrate evolving legal tech and regulatory guidance into assessment methodologies
  • Bachelor’s degree or equivalent
Job Responsibility:
  • Manage and oversee a set of complex initiatives that span multiple lines of business in the Cyber Security (CS), Information Security (IS) and Third-Party Risk Management (TPRM) space for Global Legal Solutions
  • Assess the risks and effectiveness of Third Party IS processes and controls based on enterprise requirements ensuring the IS risk is within tolerance
  • Evaluate the design and execution of the Legal IS Program, identifies potential enhancements and drives implementation of governance, methodologies and tools required for the effective oversight of Third-Party Management IS risk to continually strengthen the Program
  • Assist the day-to-day activities within the TPM Risk and Info Sec group
  • Monitor, track and control outcomes to resolve issues, conflicts, dependencies and critical path deliverables related to issues and gaps found in the TPISA process
  • Drive implementation of enterprise Third Party Management controls required to be assessed as part of the Managers Control Assessment, reviews results, and determines if remediation actions are appropriate
  • Document control design, testing methodology, and evidence for effectiveness reviews in compliance with Citi's Risk and Control Standards
  • Contribute to quarterly control certifications, issue management processes and audit engagements
What we offer:
  • Generous holiday allowance starting at 27 days plus bank holidays, increasing with tenure
  • A discretional annual performance related bonus
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Private medical insurance packages to suit your personal circumstances
Employment Type:
Fulltime