Director of AI-Driven Third-Party Cyber Risk
Habitat For Humanity Of Durham
Language Fluency: English (Required) Work Shift: 1st shift (United States of America) Job Grade: 114 Please review the following job description: Truist is seeking a senior leader to transform, modernize, and operate the Cybersecurity Third-Party Risk Management (CTPRM) function within Truist Protection Services (TPS). Reporting to the Head of Security Governance, this role will redefine how cyber third-party risk is identified, assessed, and continuously monitored—leveraging agentic AI, automation, and advanced analytics to scale decision-making across Truist’s ecosystem. This leader will drive the evolution from traditional, manual assessment models to intelligent, adaptive, and technology-driven risk management capabilities. The role partners closely with the Enterprise Third Party Risk Operations Function (TPROF), second line Risk, Business Information Security Officers (BISOs), Sourcing, Legal, and Technology teams to strengthen Truist’s cyber supply chain posture at scale. The ideal candidate has led CTPRM teams in a large, regulated environment, can translate technical risk into clear business decisions, and can drive measurable program outcomes at scale. What success looks like
- A modern, intelligence-driven CTPRM Function leveraging agentic AI and automation to reduce manual effort, accelerate assessments, and enable near real-time risk visibility across the third-party ecosystem.
- Measurable improvements in assessment cycle time, signal quality, and automation coverage through the adoption of AI-driven workflows and decision support.
- Executive-ready reporting that highlights top cyber risks, trends, and prioritized remediation actions across critical suppliers and services.
- Strong partnerships across first, second, and third lines of defense and positive outcomes in regulatory and audit engagements. ESSENTIAL DUTIES AND RESPONSIBILITIES
- Architect and lead the transformation of the Cyber Third-Party Risk Management (CTPRM) operating model, embedding agentic AI, automation, and intelligent workflows to significantly improve scalability, speed, and risk insight.
- Drive a culture of automation and innovation—challenging legacy processes, reducing manual effort, and continuously identifying opportunities to apply AI and emerging technologies to improve program effectiveness.
- Own the cyber contract deviation (exception) governance process—including intake, risk analysis, decision support, approvals, documentation, and ongoing monitoring/expiration, in partnership with Legal.
- Build, lead, and continuously improve the third-party cybersecurity assessment activities(methodology, scoping, testing/evidence standards, quality assurance) and drive timely remediation of identified Third Party Sub-Issues and risks.
- Leverage agentic AI, technology, data, third-party intelligence, and strategic partners to scale assessment throughput, improve risk signal quality, and increase automation where appropriate.
- Partner with BISOs and business leaders to integrate cyber third-party risk into business decisions, onboarding, change management, and ongoing Third Party performance/risk reviews.
- Hire, develop, and retain a high-performing team of cybersecurity and third-party cybersecurity risk professionals; set clear goals, coaching, and a strong culture of accountability and collaboration.
- Partner with second line Risk to align oversight expectations, strengthen issue management, and reduce Truist’s exposure to cyber supply chain and concentration risk.
- Establish strong cross-functional working relationships and alignment across TPS, Enterprise TPROF, Technology, Procurement, Legal, and business stakeholders, embodying a “we deliver together” culture.
- Support regulatory exams and internal audit engagements related to information security and third-party cybersecurity risk; ensure timely, accurate responses, sustainable remediation, and strong control evidence.
QUALIFICATIONS
Required Qualifications: The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.- BS IT/ Computer Science / Cyber Security, MIS, Economics, Finance, Operations Management, or a related discipline. MBA or related graduate degree a plus.
- 15+ years professional experience in top 10 USA banks or other financial institution, consulting firm, and/ or software company, preferably within a merger/acquisition environment with significant transformational change with people, process, and technology.
- 10+ years information security and third-party security threat and risk assessment and management experience, including using industry frameworks such as ITIL, COBIT, NIST CSF, CIS RAM, MITRE.
- 2+ years’ experience with digital banking deployed on public cloud platforms and (strong plus) leveraging artificial intelligence technologies.
- Broad knowledge of Information Security frameworks (e.g., NIST, FFIEC), regulations (SOX, GLBA, NYDFS), functions (Anticipate, Protect, Detect, Respond) and information security controls.
- Expertise working across IT and business functions and with second and third lines of defense, and regulators.
- Demonstrates strong relationship management skills. Proven ability to quickly build trust and rapport with others in order to structure problems, build consensus, and negotiate agreement.
- Proven ability to manage large, deadline-driven projects in a way that reduces risk, ensures predictable results, meets or exceeds its timeline.
- Thrives in a fast-paced environment, can think and act both tactically and strategically.
- Exhibits high degree of creativity, self-motivation, and commitment to task.
- Ability to create a strong network of relationships among peers, internal partners, external constituencies, and decision makers to deliver end products.
- Experience preparing materials for and comfortable presenting to executive management.
- Excellent written and oral communication skills.
- Strong coordination, influencing and negotiation skills.
- Excellent risk-based judgement and decision making
- Passionate about building world-class Information Security programs.
$132k - $175k
...requisition id: JR101314Bitsight is a cyber risk management leader... ...risk for themselves and their third parties. Companies rely on Bitsight to... ..."agent-ready" for autonomous AI consumption. As a Staff Product... ...:** Your strategy for AI-driven data enrichment will enable CISOs...CyberRiskFull timeImmediate startRemote workFlexible hoursShift work$144.2k - $288.4k
...Position Summary The Lead Director of Third-Party Security Assessment & Risk Operations plays a... ...lifecycle and translate complex cyber risks into clear,... ...partners. Establish demand-driven resource models and align... ...Integration and adoption of AI-based tooling to facilitate...CyberRiskHourly payFull timeTemporary workLocal area$145k - $220k
...evolution of LIGER, an enterprise AI platform. You’ll be the senior... ...technical and programmatic risk, and making sure the AI capabilities... ...to align leaders behind AI‑driven solution approaches Oversee deployment... ..., including security, cyber, and data infrastructure Demonstrated...CyberRiskContract workFor contractorsWork at office- ...DescriptionPosition SummaryThe Sr. Manager of Cybersecurity Third-Party Risk Management leads the enterprise program responsible for identifying... ...services, provide executive visibility into third-party cyber risk exposure, remediation status, systemic supplier risk, and...CyberRiskContract workFor contractorsFor subcontractorWork at officeLocal areaWork from home
- Director of Technical Account Management, Customer Success Leading DLP AI Cybersecurity Provider | Remote (US) | Full-Time The Mission You’re the cybersecurity co-pilot... ...policy, you’re the one translating real-world cyber risk into product reality . Their cybersecurity...CyberRiskFull timeRemote workWork from homeSleeping nightsFlexible hoursNight shift
$97.5k - $209.5k
...complex issues, bottlenecks and/or risks, escalating issues when... ...or service delivery meets the third party, security, export, and accessibility... ...and standardizes data-driven decision-making frameworks, ensuring... ...to life-saving care. And with AI embedded across our products...RiskTemporary workImmediate startFlexible hoursShift work- ...- Lead Product Owner - Cyber Threat Management as part... ...foundational AI literacy by effectively... ...stakeholder input, and business risk.Threat Expertise &... ...of cloud security, AI-driven threat modeling, and emerging... ...Hiring Requirements:a. Third-Party recordings are...CyberRiskWork experience placementFree visa
- ...modern data platforms, and the AI systems that depend on them. TAMs... ...capabilities into reduced risk, controlled access, and safe AI... ...protected from insider threats, cyber-attacks, and policy violations... ...documented and assessed by appropriate parties Engage with customers at...CyberRiskRemote work
- ...a Senior Associate or Director, you will assist senior... ...project among interested parties including investors,... ...estate investment manager, driven by our by our belief... ...knowledge, taking calculated risks aligned with our... ...No calls or emails from third parties at this time please...RiskWork experience placementWork at officeLocal area
- ...impact. Your Role and Responsibilities The Third Party Strategic Advisor (TSA) is a trusted... ...and Red Hat. The TSA is a senior member of Risk, Compliance & Integrity who is known for... ...support the development of strategies. Data‑Driven Insights: Proven ability to provide data‑...RiskWorldwide
- ...VulnOps. This role sits at the intersection of security risk, automation, and emerging AI‑driven capabilities. If you’re a cybersecurity professional... ...functional environment to protect Vanguard and its clients from cyber security threats. Core Responsibilities (In This Role...CyberRiskWork experience placement
- Overview Responsible AI in banking is not a constraint imposed from the outside, and... ...regulated financial institution, AI introduces risk across model performance, customer impact... ...obligations, privacy, cybersecurity, third‑party dependency, operational resilience, data...Risk
$145k - $220k
...company that has been at the forefront of AI and high-performance data storage innovation... ...with confidence. Our success is driven by our unwavering commitment to innovation... ...dependencies, and deliverables are met Identify risks, technical dependencies, and resource...RiskFull timeLocal areaRemote workShift work$90.1k - $209.5k
...Technical Program Manager who is proactive, results-driven, and committed to delivering outcomes to join Oracle's Insider Risk Management/Data Loss Prevention team. The ideal... ...innovations to life-saving care. And with AI embedded across our products and services, we help...RiskTemporary workImmediate startFlexible hours$83k - $166.1k
...Experience supporting regulatory or compliance-driven environments is highly desirable. This... .... Drive program planning, execution, risk management, and stakeholder communication... ...innovations to life-saving care. And with AI embedded across our products and services,...RiskTemporary workFlexible hours- CVS Health is seeking a Lead Director of Third-Party Security Assessment & Risk Operations to safeguard the organization by managing third-party security standards. This strategic leader will drive the development of a comprehensive security program, ensuring compliance...RiskFull time
$94.4k - $266.3k
...combining creativity, technology, and data-driven intelligence. Within Song, the Customer... ...customer data, marketing technology, and AI-powered decisioning to transform how brands... ...Ensure secure deployment aligned to enterprise risk and compliance policies. Cloud &...RiskLive inWork at officeLocal area- ...innovation for 30 years and are leading the legal AI revolution to this day with most of the... ...teams through complexity, owning high-risk escalations, setting clear expectations,... ...experience owning customer escalations in SLA-driven environments • Strong understanding of...RiskWorldwide3 days per week
$76.4k - $138.6k
...Within Information Security we blend risk strategy, digital identity, cyber defense, application security and... ...include supporting the validation of third-party risk assessments, identifying misconfigurations... ...markets. Enabled by data, AI and advanced technology, EY teams...CyberRiskSummer holidayLocal areaFlexible hours$115.3k - $264.1k
...a proactive problem solver who can anticipate risks, remove obstacles before they impact delivery, and leverage emerging AI technologies to drive efficiency, productivity... ...successful candidate will demonstrate a strong data-driven mindset, using metrics and insights to guide...RiskTemporary workFlexible hours$128.1k - $239.6k
...Information Security we blend risk strategy, digital identity, cyber defense, application... ...Opportunity As an Assistant Director in the Information... ...infrastructure, applications, and third-party dependencies. Improve... .... Enabled by data, AI and advanced technology,...CyberRiskWork experience placementSummer holidayLocal areaFlexible hours$109.2k - $223.4k
...Job Description The Director for Global Defense - Japan is responsible for leading... ...solutions (e.g., cloud, data platforms, AI/analytics, cyber). Ensure proposals and delivery plans... ...influencing, and cross-cultural leadership Risk management and operational excellence...CyberRiskContract workTemporary workFor contractorsLocal areaFlexible hours- ...trust architectures, container security, AI/ML‑driven security analytics) to enhance the organization... .... Be responsible for triaging based on risk assessments of various threats and... ...security engineering. Experience within Cyber Security is preferred with a good understanding...CyberRisk
- ...our vision of a safe and secure cyber world. Our globally recognized... ...most vulnerable about cyber risks and empowering access to enter... ...more. Position Summary The AI Security Engineer is... ...deployment guardrails. Conduct third-party AI vendor and model supply chain...CyberRiskWork experience placementWork at officeRemote workNight shift
$120.1k - $251.6k
...center projects. Identifies critical gaps in risk identification and mitigation, and drives... ...Guides others to leverage innovative data-driven techniques to address ambiguous or novel... ...innovations to life-saving care. And with AI embedded across our products and services,...RiskContract workTemporary workFor contractorsFlexible hoursShift work- ...Teradata delivers real business value with AI. What You'll Do As a Staff Technical... ...detailed program plans, dependency maps, risk registers, and milestone tracking dashboards... ..., and go-to-market teams. Support data-driven prioritization by maintaining program...RiskPermanent employmentFlexible hours
$106.61k - $284.28k
...Health Digital is looking for a dynamic and driven Senior Technical Program Manager to lead... ...engineering programs, managing stakeholders, risks, issues, aligning dependencies, developing... ...behavior change Advanced skills in Jira, AI tools, Office 360, Confluence, SharePoint...RiskHourly payFull timeTemporary workWork at officeLocal area$51.72 - $59.72 per hour
...reproduce, impacted components/endpoints, and risk/impact) and practical remediation guidance... ...Requirements: ~4 years of Cyber Security Research experience, or equivalent... ...analytical skills Demonstrated knowledge of AI/ML-enabled applications and common security...CyberRiskHourly payContract work- ...management standards—clear milestones, KPIs, risk‑mitigation strategies, and regular status... ...." Proactive Problem‑Solving: A results‑driven mindset with the ability to navigate... ...educational resources on our personalized, AI‑driven learning platform where IBMers can...RiskContract workTemporary workRemote workShift work
$31.04 - $44.62 per hour
...communities we serve. Summary : The HCS Compliance Analyst I will be assigned to support the Compliance and Privacy Operations - Third Party Risk Management Department in the Compliance Program and will report directly to the manager of that team. Relevant work...RiskHourly payFull time
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Director of AI-Driven Third-Party Cyber Risk. Be the first to apply!
- director biotech Raleigh, NC
- director of proposals Raleigh, NC
- integration director Raleigh, NC
- director of telecommunications Raleigh, NC
- director biology Raleigh, NC
- director of purchasing Raleigh, NC
- residence director Raleigh, NC
- director of information management Raleigh, NC
- director of missions Raleigh, NC
- director operational excellence Raleigh, NC

