WebMD is the most recognized and trusted brand of health information and the leading provider of health information services, serving consumers, physicians, healthcare professionals, employers and health plans through our public and private online portals and WebMD the Magazine. The WebMD Health Network includes WebMD, Medscape, MedicineNet, eMedicine, RxList, theheart.org and Medscape Education. Our consumer portals and mobile health applications provide engaging, relevant and credible health and wellness information, personalized health assessment tools and access to online communities. As a Vendor Risk & Compliance Engineer, you will be uniquely positioned to enhance Vendor risk program using AI that keeps our vendors and products aligned to frameworks such as NIST, HIPAA, and SOC2. You'll lead and conduct vendor security risk assessments end to end — integrate AI to improve accuracy, evaluate control effectiveness, quantify risk to the business, and partner with risk owners to drive it down. Working under the Sr. Director of Privacy and Compliance, you will also own risk reporting for the team in OneTrust: keeping risk managers accountable for remediation and building the KRIs and KPIs that show leadership how we're trending. Beyond the day-to-day, you'll improve our assessment methodology and questionnaires and maintain them in OneTrust. The ideal candidate demonstrates the ability to continuously identify & integrate AI to improve all aspects of the program, strong and practical GRC fundamentals and the judgment to prioritize real risk reduction over check-the-box control work.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Mid Level