Program Manager, Vendor Security, Cybersecurity
Posted 2025-08-15
Remote, USA
Full Time
Immediate Start
About the position
The Program Manager, Vendor Security at Sephora is responsible for leading the North America Vendor Security Risk Management Program. This role involves managing the vendor security review process from start to finish, ensuring that all vendor relationships are assessed for security risks. The Program Manager will collaborate with various stakeholders across the organization to implement best security practices and provide training on vendor security processes.
Responsibilities
• Manage the Vendor Security Review process end to end, including reviewing intake documentation and managing internal meetings.
,
• Create a security review approach for each vendor based on their services and inherent risks.
,
• Review vendor security documents and manage vendor security meetings.
,
• Draft meeting recap notes and follow-ups, and manage contract security reviews.
,
• Drive vendor security-related projects as needed and prepare weekly status updates and quarterly dashboards.
,
• Provide ongoing vendor security review process training across the organization.
Requirements
• 5+ years of experience in Cyber Security, vendor security, compliance, risk management, audit, or program/project management.
,
• Strong organizational skills and attention to detail.
,
• Ability to learn the vendor security review lifecycle management and adapt review approaches based on vendor engagements.
,
• Effective communication and partnership skills with cross-functional teams.
,
• Ability to create and deliver business updates and presentations to leadership.
Nice-to-haves
• Experience in a fast-paced e-commerce environment.
,
• Knowledge of information security principles and vendor security review methodologies.
Benefits
• Dental insurance
,
• Disability insurance
,
• Employee discount
,
• Flexible spending account
,
• Health insurance
,
• Life insurance
,
• Paid time off Apply tot his job
The Program Manager, Vendor Security at Sephora is responsible for leading the North America Vendor Security Risk Management Program. This role involves managing the vendor security review process from start to finish, ensuring that all vendor relationships are assessed for security risks. The Program Manager will collaborate with various stakeholders across the organization to implement best security practices and provide training on vendor security processes.
Responsibilities
• Manage the Vendor Security Review process end to end, including reviewing intake documentation and managing internal meetings.
,
• Create a security review approach for each vendor based on their services and inherent risks.
,
• Review vendor security documents and manage vendor security meetings.
,
• Draft meeting recap notes and follow-ups, and manage contract security reviews.
,
• Drive vendor security-related projects as needed and prepare weekly status updates and quarterly dashboards.
,
• Provide ongoing vendor security review process training across the organization.
Requirements
• 5+ years of experience in Cyber Security, vendor security, compliance, risk management, audit, or program/project management.
,
• Strong organizational skills and attention to detail.
,
• Ability to learn the vendor security review lifecycle management and adapt review approaches based on vendor engagements.
,
• Effective communication and partnership skills with cross-functional teams.
,
• Ability to create and deliver business updates and presentations to leadership.
Nice-to-haves
• Experience in a fast-paced e-commerce environment.
,
• Knowledge of information security principles and vendor security review methodologies.
Benefits
• Dental insurance
,
• Disability insurance
,
• Employee discount
,
• Flexible spending account
,
• Health insurance
,
• Life insurance
,
• Paid time off Apply tot his job