Replit
Third Party Risk Management and Customer Trust Lead
Rol remoto de SRE con fit claro de ubicación del candidato.
Publicado10 jul 2026
Países elegibles38 países aceptados
Señal de seniorityLead
Modelo de trabajoRemoto
Ubicaciones aceptadas para candidatos
Resumen del rol
Third Party Risk Management and Customer Trust Lead
Requisitos y responsabilidades
Contenido del rol extraído en secciones para revisar más rápido.
What You'll Do
- Run substantive third-party risk management (TPRM), independently evaluating real risk, not just processing questionnaire responses
- Review SOC 2 reports, pen test findings, and architecture documentation to form an independent view of vendor risk, extending the same rigor to AI/model providers
- Partner with Legal on vendor and AI contract terms, including DPAs, subprocessor agreements, and AI-specific provisions
- Review contracts for non-standard security language when flagged by Legal or deal desk, and recommend redlines
- Maintain the vendor and AI/model risk register, feeding findings into the company's master risk register
- Enable sales through maturing the customer trust program
- Build the capability for continuous monitoring of vendor ecosystem
Required Skills & Experience
- 8+ years in third-party/vendor risk management, security risk, or a related GRC role
- Demonstrated ability to independently assess vendor risk rather than relying on questionnaire responses alone, fluent in reading SOC 2 reports, ISO certificates, pen test summaries, and architecture documentation
- Experience reviewing or redlining security and data-handling contract language, ideally in partnership with a legal team
- Working knowledge of data privacy fundamentals (GDPR, CCPA) as they relate to vendor and subprocessor relationships
- Strong cross-functional collaboration skills — this role touches Legal, Engineering, Product, and Sales regularly
- Experience building repeatable, scalable vendor review processes rather than inheriting an existing one
Bonus Qualifications
- Direct experience assessing foundation model providers or AI/ML vendors specifically
- Experience automating or streamlining third-party review workflows (e.g., continuous vendor monitoring, automated evidence pulls) is a plus
- Familiarity with NIST AI RMF, ISO 42001, or the EU AI Act
- Background at an AI-native product company or an LLM/model provider
- Paralegal experience or formal contract review training
- Relevant certifications (CTPRP, CISSP, CIPP/E)
Bonus Qualifications
- Meet the Replit Agent
- Replit: Make an app for that
- Replit Blog
- Amjad TED Talk
Bonus Qualifications
- Operating Principles
- Reasons not to work at Replit
Roles similares
Mantén una lista de respaldo.
Content Classification, English 9 países aceptados
Taxonomy Analyst (German Speaker)IndeedVer rol Content Classification, English 9 países aceptados
Taxonomy Analyst (Spanish Speaker)IndeedVer rol Content Classification, English 9 países aceptados
Taxonomy Analyst (Dutch Speaker)IndeedVer rol Content Classification, English 9 países aceptados
Taxonomy Analyst (French Speaker)IndeedVer rol Stack
Usa estas tags para comparar roles remotos similares.
Elegibilidad de ubicación
Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.
Tu perfilPaís no definidoInicia sesión para comparar tu país con este rol.
Ver todos los 38 países aceptados
AlbaniaAustriaBélgicaBulgariaCroaciaChipreChequiaDinamarcaEstoniaFinlandiaFranciaAlemaniaGreciaHungríaIslandiaIrlandaItaliaLetoniaLituaniaLuxemburgoMaltaMoldaviaMontenegroPaíses BajosMacedonia del NorteNoruegaPoloniaPortugalRumaníaSerbiaEslovaquiaEsloveniaEspañaSueciaSuizaUcraniaReino UnidoEstados Unidos
Flujo de contratación
WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.
1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.