Avidity Biosciences

Manager, IT Third-Party Risk

Join Avidity Biosciences in San Diego as Manager, IT Third-Party Risk. Oversee risk management, ensure compliance, and enjoy competitive benefits.

Department - JobBoardly X Webflow Template
Job Level - JobBoardly X Webflow Template
Senior
ServiceNow Role Type:
ServiceNow Modules:
Department - JobBoardly X Webflow Template
Governance, Risk, and Compliance
Department - JobBoardly X Webflow Template
Third-Party Risk Management
Department - JobBoardly X Webflow Template
Virtual Agent
ServiceNow Certifications (nice to have):
Department - JobBoardly X Webflow Template
Certified Implementation Specialist - Third-Party Risk Management

Job description

Date - JobBoardly X Webflow Template
Posted on:
 
February 12, 2025

The Manager, IT Third-Party Risk is a key leadership role responsible for overseeing and enhancing Avidity’s third-party risk management program, ensuring that vendors, suppliers, and partners comply with security, regulatory, and operational risk requirements. This role requires a technical and business-savvy leader who can collaborate across IT, procurement, compliance, security, and business units to evaluate and manage risks within the third-party ecosystem.

Requirements

  • Bachelor’s degree in Information Security, Risk Management, Business, or a related field (or equivalent experience)
  • 8+ years of experience, with 5+ years in third-party risk management, vendor risk assessment, or IT security risk management
  • Strong understanding of cybersecurity frameworks, regulatory compliance (FDA, HIPAA, GxP), and enterprise risk management methodologies
  • Experience with vendor risk management platforms (e.g., Archer, OneTrust, ServiceNow VRM, or similar tools)
  • Proven experience integrating TPRM strategies into broader cybersecurity and IT risk management programs
  • Strong negotiation and communication skills to engage with vendors, legal teams, and business stakeholders
  • Ability to translate technical risk findings into business-focused recommendations for executive decision-making
  • Prior experience working in biotech, pharmaceuticals, or highly regulated industries is preferred
  • Experience with privacy-related processes such as DSAR handling, cookie consent management, and privacy policy updates is a plus

Benefits

  • Annual and spot bonuses
  • Stock options and RSUs
  • 401(k) with an employer match
  • Comprehensive wellness program including coverage for medical, dental, vision, and LTD
  • Four weeks of time off
  • Commitment to learning and development including job-specific training and education reimbursement program

Requirements Summary

Bachelor’s degree in Information Security, Risk Management, Business, or related field. 8+ years of experience, 5+ years in third-party risk management, vendor risk assessment, or IT security risk management