"Alerted.org

How you'll help us Keep Climbing (overview & key responsibilities)

Join Delta IT on our journey to becoming the best IT organization in the airline industry.

Delta IT is on a journey of transformation. We are changing the way we do business from top to bottom. As thought leaders within Delta, we strive to create meaningful and innovative solutions and are looking for team members to help us realize our vision.

Delta IT employees are thinkers, doers, innovators.

We are proactive.

We are collaborative.

We deliver impact to our customers.

Join us on our transformation journey in becoming a world-class IT organization at the world's best airline!

The Manager of Vendor Risk Management (VRM) is responsible for overseeing the identification, assessment, and mitigation of technology-related risks across all third-party vendors. This role ensures compliance with regulatory requirements and internal security standards by meeting the risk framework set forth by IT Risk. The manager will collaborate with key stakeholders, such as procurement, legal, and IT teams to implement effective controls and drive continuous improvement in vendor risk posture. Strong leadership and communication skills are essential to manage complex risk scenarios and communicate findings to senior stakeholders. The ideal candidate combines dep knowledge of IT security, vendor governance and risk management practices with the ability to influence strategic decisions.

Key Responsibilities

Program Leadership & Strategy

+ Provide leadership and oversight to a high performing team of Information Security professionals to ensure the confidentiality, integrity, and availability of information.

+ Oversee the Vendor Risk Management program, ensuring alignment with enterprise risk and compliance objectives.

+ Effective executive communication on vendor risk with the ability to simplify complexity.

+ Develop and maintain VRM policies, procedures, and governance frameworks.

+ Drive continuous improvement initiatives, including automation and integration of risk tools.

+ Gain and maintain knowledge of existing and emerging supply chain risks. Adjust the program to address/minimize these risks.

+ Meet with staff on a timely basis to conduct performance evaluations and provide feedback. Provide ongoing coaching, mentoring, and training to develop and encourage employee performance and development.

Risk Assessment & Monitoring

+ Lead the team in conducting inherent and residual risk assessments for new and existing vendors.

+ Implement continuous monitoring capabilities to track vendor risk posture in real time.

+ Ensure timely remediation of identified risks and findings, partnering with vendors and internal stakeholders.

Stakeholder Engagement

+ Collaborate with Supply Chain, Legal, and business units to embed security requirements into contracts and onboarding workflows.

+ Provide risk insights and recommendations to senior leadership for informed decision-making.

+ Serve as the primary point of escalation for vendor risk issues.

Reporting & Metrics

+ Deliver regular reports on vendor risk status, trends, and remediation progress to leadership and audit committees.

+ Establish KPIs and dashboards to measure program effectiveness.

Team Leadership

+ Manage and mentor a team of vendor risk analysts, fostering professional growth and collaboration.

+ Promote a culture of accountability, innovation, and continuous learning.

+ Lead with integrity and a positive attitude.

+ Perform special projects as assigned, while effectively managing time with competing priorities.

What you need to succeed (minimum qualifications)

+ 7+ years of experience in vendor risk management, third-party risk, or IT security, with at least 3 years in a leadership role.

+ Skill in conducting Information Security assessments of vendors/third parties.

+ Strong knowledgeof regulatory requirements(PCI DSS, SOX, HIPAA) and risk frameworks (NIST, ISO 27001).

+ Experience with GRC platforms and continuous monitoring tools (e.g., Archer, BitSight).

+ Effectively communicates Information Security risks to technical and non-technical stakeholders, offers actionable options, and drives resolutions that balance business needs with risk reduction.

+ Ability to lead and mentor direct reports and colleagues, and support leadership directives.

+ Proactive in nature with customer satisfaction as a primary goal.

+ Excellent written and verbal communication skills with a demonstrated ability to develop and maintain relationships.

+ Strong sense of urgency, accountability, and ownership.

+ Consistently prioritizes safety and security of self, others, and personal data.

+ Embraces diverse people, thinking, and styles.

+ Possesses a high school diploma, GED, or high school equivalency.

+ Is at least 18 years of age and has authorization to work in the United States.

What will give you a competitive edge (preferred qualifications)

+ Bachelor's degree in information security, risk management, or related field.

+ Professional certifications such as CISSP, CISM, and CRISC.

+ Experience with RSA Archer or equivalent GRC tool.

+ Ability to influence and drive change across multiple teams.

Benefits and Perks to Help You Keep Climbing

Our culture is

rooted in a shared dedication to living our values – Care, Integrity,

Resilience and Servant Leadership – every day, in everything we do. At Delta,

our people are our success. At the heart of what we offer is our focus on

Sharing Success with Delta employees. Exploring a career at Delta gives you a

chance to see the world while earning great compensation and benefits to help

you keep climbing along the way:

+ Competitive salary,industry-leading profit sharing program, and performance incentives

+ 401(k) with generouscompany contributions up to 9%

+ New hires areeligible for up to 2-weeks of vacation. This is earned for use in the followingvacation year (April 1 – March 31)

+ In addition tovacation, new hires are eligible for up to 56 hours of paid personal timewithin a 12-month period

+ 10paid holidays per calendar year

+ Birthing parents areeligible for 12-weeks of paid maternity/parental leave

+ Non-birthing parentsare eligible for 2-weeks of paid parental leave

+ Comprehensive healthbenefits including medical, dental, vision, short/long term disability and lifeinsurance benefits

+ Family careassistance through fertility support, surrogacy and adoption assistance,lactation support, subsidized back-up care, and programs that help with lovedones in all stages

+ Holistic Wellbeingprograms to support physical, emotional, social, and financial health,including access to an employee assistance program offering support for you andanyone in your household, free financial coaching, and extensive resourcessupporting mental health

+ Domestic andInternational space-available flight privileges for employees and eligiblefamily members

+ Career developmentprograms to achieve your long-term career goals

+ World-widepartnerships to engage in community service and innovative goals created tofocus on sustainability and reducing our carbon footprint

+ Business ResourceGroups created to connect employees with common interests to promote inclusion,provide perspective and help implement strategies

+ Recognition rewardsand awards through the platform Unstoppable Together

+ Access to over 500discounts, specialty savings and voluntary benefits through Deltaperks such ascar and hotel rentals and auto, home, and pet insurance, legal services, andchildcare

Delta Air Lines, Inc. is an Equal Employment Opportunity / Affirmative Action employer and provides reasonable accommodation in its application process for qualified individuals with disabilities and disabled veterans. If you are a qualified individual, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings through this site, apply for jobs through Delta’s online system, or at any point in the selection process. To request a reasonable accommodation, please click here