Third Party Compliance Manager

Job Description

Job Description

MediaAlpha is a customer acquisition solutions provider powered by technology and data science. The company provides industry-leading solutions designed to reach consumers shopping within high-consideration categories such as property and casualty insurance, health insurance, life insurance, and more.

MediaAlpha is hiring a Third-Party Compliance Manager to build and lead our enterprise-wide vendor and ecosystem security program. This individual contributor role will own day-to-day TPRM operations, working hands-on to define strategy and execute across our three core focus areas : maintaining an inventory of third-party tools and platforms, verifying vendors are implemented according to security requirements, and conducting security reviews of new and existing solutions. You'll partner closely with Security, Privacy, Legal, Compliance, Engineering, Revenue Operations, and IT leaders.

As the primary hands-on operator, you'll coordinate security assessments and vendor reviews, build program infrastructure and processes, and track remediation efforts to closure. You'll be responsible for scaling the program as our vendor portfolio grows, shaping TPRM as an in-house capability while executing assessments and driving results yourself.

Your core responsibilities include managing information risks at scale across vendors, SaaS platforms, APIs, shared service providers, and supply chain dependencies. You'll transform our TPRM approach from periodic questionnaires to continuous, automation-enabled monitoring, expand visibility into fourth-party risks, and coordinate with engineering, privacy, and procurement teams to address technical, operational, and contractual exposures.

Responsibilities

• Define and drive the TPRM roadmap and strategy - evolving the program into a scalable, repeatable process.
• Maintain and optimize our Third-Party Risk Management function responsible for driving third party risk assessments, continuous monitoring and incident support
• Audit new and existing third parties that are involved in exchange of information with our organization.
• Partner with Information Services to design and integrate automation and continuous monitoring tools (e.g., Vanta) into third party workflows.
• Embed security risk requirements into procurement, legal and contracting processes
• Oversee technical integration reviews for SaaS, APIs, cloud platforms, and data-sharing workflows
• Perform third party risk reviews of systems and services utilized by the organization.
• Ensure fourth-party and ecosystem dependency risks are incorporated into TPRM processes.
• Develop insights, dashboards and reporting that provides executive visibility into vendor, fourth-party and ecosystem risk
• Partner with Information Services and Engineering to ensure vendor-related vulnerabilities and incidents are effectively resolved.
• Represent TPRM as a product and capability to leadership, customers, and stakeholders.
• Complete Third Party Questionnaires sent to our organization, and ensure Third Party Questionnaires we send are completed appropriately.
• Ensure our Trust Portal is maintained, the documentation is up to date, and inquiries are supported as they arise.
• Support the Cyber Audit and the Exchange Compliance systems, addressing relevant requests as appropriate.
• Maintain evidence repository and report tracking of TPRM compliance.
• Provide TPRM training to internal business units and vendor relationship owners

Qualifications :

Preferred Skills

Compensation & Benefits

We are excited to offer a competitive base pay range of $113,000 to $200,000 per year for this position, based on experience and qualifications. But that's not all - as a valued member of our team, you will also have access to an array of top-notch benefits, including :

Diversity, Equity, and Inclusion

MediaAlpha is committed to fostering, cultivating, and maintaining a culture of diversity, equity, and inclusion. Our philosophy and actions are built on the premise that as an employer and citizens of our communities, we can create opportunities for lasting change.

Fair Chance

MediaAlpha will consider qualified applicants, including those with criminal histories, in a manner consistent with state and local "Fair Chance" laws. We are also committed to providing reasonable accommodations for qualified applicants with disabilities and disabled veterans in our application process. If you need assistance or an accommodation due to a disability, please contact us at peopleops@mediaalpha.com or (213) 316-6256.