This role will ensure that our TPRM strategy, standards, and governance framework remain effective, consistent, and aligned with organizational objectives. The individual will act as the GE Vernova point of contact of TPRM governance, driving oversight, compliance, and continuous improvement.Job Description
Key Responsibilities
- Governance & Oversight
- Maintain and operationalize the organization’s TPRM strategy, playbook, standard work, and governance framework.
- Establish and maintain governance frameworks to oversee MSP TPRM operations.
- Monitor compliance with contractual obligations and performance indicators (KPIs/SLAs).
- Conduct regular governance meetings with the external partner and internal stakeholders.
- Risk & Compliance
- Ensure adherence to organizational policies, regulatory requirements, and industry standards.
- Monitor risk assessments, control testing, and remediation of findings.
- Review and assess supplier-proposed contract redlines related to cybersecurity requirements to ensure alignment with organizational standards and risk posture.
- Performance Management
- Track and report on third-party performance, including but not limited to, incident response, vulnerability management, and risk remediation.
- Review monthly/quarterly security metrics, dashboards, and reports for accuracy and effectiveness.
- Escalate risks, gaps, and deviations to senior leadership with actionable recommendations.
- Stakeholder Management
- Act as the liaison between the TPRM organization and the MSP cybersecurity partner.
- Partner with DT, Cyber, Legal, Sourcing and Business teams to ensure security alignment with business objectives.
- Provide clear and timely communication on risks, incidents, and remediation status.
- Continuous Improvement
- Drive process improvements in governance, risk management, and compliance monitoring.
- Monitor industry trends, regulations, and emerging risks to keep TPRM strategy up to date.
- Benchmark MSP services against industry best practices.
- Recommend enhancements to security policies, standards, and frameworks.
Skills
- Strong understanding of third-party/vendor cyber risk management.
- Experience with cybersecurity frameworks: ISO 27001, NIST CSF, etc.
- Familiarity with regulatory requirements.
- Strong audit experience and ability to review technical/operational security reports.
- Excellent stakeholder management and communication skills.
- Professional certifications preferred: ISO 27001 LA, CISA etc.
Relocation Assistance Provided: No
Top Skills
What We Do
GE Vernova is a planned purpose-built company on a mission to electrify the planet while simultaneously working to decarbonize it.
If we want our energy future to be different…we must be different.
Our mission is embedded in our name. We retain our treasured legacy, “GE,” in our name as an enduring and hard-earned badge of quality and ingenuity. “Ver” / “verde” signal Earth’s verdant and lush ecosystems. “Nova,” from the Latin “novus,” nods to a new, innovative era of lower carbon energy that GE Vernova will help deliver.
GE Vernova brings together GE’s portfolio of energy businesses including Power, Wind, Electrification and Digital businesses. With focus, GE Vernova is accelerating the path to more reliable, affordable, and sustainable energy, while helping our customers power economies and deliver the electricity that is vital to health, safety, security, and improved quality of life.
Together, we have The Energy to Change the World.
Why Work With Us
Join our team, to evolve and grow, surrounded by some of the brightest minds in the industry who help you get better every day. You’ll get the chance to rewrite the rules, work on cutting-edge technology, and be part of a global team for positive change.
Gallery
.png)
