Sobre

Job Description Summary As Senior Digital Auditor, you will play a key role in setting the strategy of Third-Party Risk Management (TPRM) for GE Vernova as well as overseeing and governing services delivered by our external Managed Service Provider (MSP). This role is responsible for ensuring that the MSP meets contractual obligations and performance indicators, as well as tracking, reporting and handling escalations. This role will ensure that our TPRM strategy, standards, and governance framework remain effective, consistent, and aligned with organizational objectives. The individual will act as the GE Vernova point of contact of TPRM governance, driving oversight, compliance, and continuous improvement. Job Description Key Responsibilities Governance & Oversight Maintain and operationalize the organization’s TPRM strategy, playbook, standard work, and governance framework. Establish and maintain governance frameworks to oversee MSP TPRM operations. Monitor compliance with contractual obligations and performance indicators (KPIs/SLAs). Conduct regular governance meetings with the external partner and internal stakeholders. Risk & Compliance Ensure adherence to organizational policies, regulatory requirements, and industry standards. Monitor risk assessments, control testing, and remediation of findings. Review and assess supplier-proposed contract redlines related to cybersecurity requirements to ensure alignment with organizational standards and risk posture. Performance Management Track and report on third-party performance, including but not limited to, incident response, vulnerability management, and risk remediation. Review monthly/quarterly security metrics, dashboards, and reports for accuracy and effectiveness. Escalate risks, gaps, and deviations to senior leadership with actionable recommendations. Stakeholder Management Act as the liaison between the TPRM organization and the MSP cybersecurity partner. Partner with DT, Cyber, Legal, Sourcing and Business teams to ensure security alignment with business objectives. Provide clear and timely communication on risks, incidents, and remediation status. Continuous Improvement Drive process improvements in governance, risk management, and compliance monitoring. Monitor industry trends, regulations, and emerging risks to keep TPRM strategy up to date. Benchmark MSP services against industry best practices. Recommend enhancements to security policies, standards, and frameworks. Skills Strong understanding of third-party/vendor cyber risk management. Experience with cybersecurity frameworks: ISO 27001, NIST CSF, etc. Familiarity with regulatory requirements. Strong audit experience and ability to review technical/operational security reports. Excellent stakeholder management and communication skills. Professional certifications preferred: ISO 27001 LA, CISA etc. Additional Information Relocation Assistance Provided: No #LI-Remote - This is a remote position Addressing the climate crisis is an urgent global priority and we take our responsibility seriously. That is our singular mission at GE Vernova: continuing to electrify the world while simultaneously working to help decarbonize it. If we want our energy future to be different…we must be different. Our mission is embedded in our name. We retain our treasured legacy, “GE,” in our name as an enduring and hard-earned badge of quality and ingenuity. “Ver” / “verde” signal Earth’s verdant and lush ecosystems. “Nova,” from the Latin “novus,” nods to a new, innovative era of lower carbon energy that GE Vernova will help deliver. Together, we have The Energy to Change the World. www.gevernova.com